From 1f8448f98e8790443cca2623f3f0099e5ac48ff4 Mon Sep 17 00:00:00 2001 From: Eva Date: Wed, 21 Feb 2024 10:42:59 -0500 Subject: [PATCH] remove trailing white spaces; fix tests --- .../cve-10.21.2021_attack-9.0-enterprise.json | 428 +++++++++--------- src/mapex_convert/parse_cve_mappings.py | 3 +- .../expected_results/expected_results_json.py | 136 +----- 3 files changed, 220 insertions(+), 347 deletions(-) diff --git a/mappings/cve/attack-9.0/cve-10.21.2021/enterprise/cve-10.21.2021_attack-9.0-enterprise.json b/mappings/cve/attack-9.0/cve-10.21.2021/enterprise/cve-10.21.2021_attack-9.0-enterprise.json index 89547a4f..67302871 100644 --- a/mappings/cve/attack-9.0/cve-10.21.2021/enterprise/cve-10.21.2021_attack-9.0-enterprise.json +++ b/mappings/cve/attack-9.0/cve-10.21.2021/enterprise/cve-10.21.2021_attack-9.0-enterprise.json @@ -41,7 +41,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco SPA112 2-Port Phone Adapter ", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15243", "mapping_type": "primary_impact", "capability_group": "2019", @@ -52,7 +52,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco SPA112 2-Port Phone Adapter ", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15243", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -63,7 +63,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco SPA112 2-Port Phone Adapter ", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15243", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -74,7 +74,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "Cisco Data Center Network Manager ", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2019-15976", "mapping_type": "primary_impact", "capability_group": "2019", @@ -85,7 +85,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco Data Center Network Manager ", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2019-15976", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -96,7 +96,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Data Center Network Manager ", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2019-15976", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -107,7 +107,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "Cisco Web Security Appliance (WSA) ", + "capability_description": "Cisco Web Security Appliance (WSA)", "capability_id": "CVE-2019-15956", "mapping_type": "primary_impact", "capability_group": "2019", @@ -118,7 +118,7 @@ "attack_object_id": "T1098", "attack_object_name": "Account Manipulation", "references": [], - "capability_description": "Cisco Web Security Appliance (WSA) ", + "capability_description": "Cisco Web Security Appliance (WSA)", "capability_id": "CVE-2019-15956", "mapping_type": "primary_impact", "capability_group": "2019", @@ -129,7 +129,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Web Security Appliance (WSA) ", + "capability_description": "Cisco Web Security Appliance (WSA)", "capability_id": "CVE-2019-15956", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -140,7 +140,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco Web Security Appliance (WSA) ", + "capability_description": "Cisco Web Security Appliance (WSA)", "capability_id": "CVE-2019-15956", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -151,7 +151,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco Prime Infrastructure ", + "capability_description": "Cisco Prime Infrastructure", "capability_id": "CVE-2019-15958", "mapping_type": "primary_impact", "capability_group": "2019", @@ -162,7 +162,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Prime Infrastructure ", + "capability_description": "Cisco Prime Infrastructure", "capability_id": "CVE-2019-15958", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -250,7 +250,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "Cisco Unified Intelligence Center ", + "capability_description": "Cisco Unified Intelligence Center", "capability_id": "CVE-2019-1860", "mapping_type": "primary_impact", "capability_group": "2019", @@ -261,7 +261,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "Cisco Unified Intelligence Center ", + "capability_description": "Cisco Unified Intelligence Center", "capability_id": "CVE-2019-1860", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -272,7 +272,7 @@ "attack_object_id": "T1036", "attack_object_name": "Masquerading", "references": [], - "capability_description": "Cisco Email Security Appliance (ESA) ", + "capability_description": "Cisco Email Security Appliance (ESA)", "capability_id": "CVE-2019-1831", "mapping_type": "primary_impact", "capability_group": "2019", @@ -283,7 +283,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "Cisco Email Security Appliance (ESA) ", + "capability_description": "Cisco Email Security Appliance (ESA)", "capability_id": "CVE-2019-1831", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -294,7 +294,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco Identity Services Engine Software ", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1942", "mapping_type": "primary_impact", "capability_group": "2019", @@ -305,7 +305,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "Cisco Identity Services Engine Software ", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1942", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -316,7 +316,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "Cisco Identity Services Engine Software ", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1942", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -327,7 +327,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "Cisco Identity Services Engine Software ", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1942", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -338,7 +338,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco Identity Services Engine Software ", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1942", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -349,7 +349,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco Unified Communications Manager ", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-15972", "mapping_type": "primary_impact", "capability_group": "2019", @@ -360,7 +360,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "Cisco Unified Communications Manager ", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-15972", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -371,7 +371,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "Cisco Unified Communications Manager ", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-15972", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -382,7 +382,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "Cisco Unified Communications Manager ", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-15972", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -393,7 +393,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco Unified Communications Manager ", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-15972", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -426,7 +426,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "Cisco Unified Computing System (Management Software) ", + "capability_description": "Cisco Unified Computing System (Management Software)", "capability_id": "CVE-2019-1879", "mapping_type": "primary_impact", "capability_group": "2019", @@ -437,7 +437,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco Unified Computing System (Management Software) ", + "capability_description": "Cisco Unified Computing System (Management Software)", "capability_id": "CVE-2019-1879", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -448,7 +448,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco Unified Computing System (Management Software) ", + "capability_description": "Cisco Unified Computing System (Management Software)", "capability_id": "CVE-2019-1879", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -459,7 +459,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "Cisco Unified Computing System E-Series Software (UCSE) ", + "capability_description": "Cisco Unified Computing System E-Series Software (UCSE)", "capability_id": "CVE-2019-1863", "mapping_type": "primary_impact", "capability_group": "2019", @@ -470,7 +470,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "Cisco Unified Computing System E-Series Software (UCSE) ", + "capability_description": "Cisco Unified Computing System E-Series Software (UCSE)", "capability_id": "CVE-2019-1863", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -481,7 +481,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Unified Computing System E-Series Software (UCSE) ", + "capability_description": "Cisco Unified Computing System E-Series Software (UCSE)", "capability_id": "CVE-2019-1863", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -492,7 +492,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco Unified Computing System E-Series Software (UCSE) ", + "capability_description": "Cisco Unified Computing System E-Series Software (UCSE)", "capability_id": "CVE-2019-1863", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -503,7 +503,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "Cisco IOS XE Software ", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3403", "mapping_type": "primary_impact", "capability_group": "2020", @@ -514,7 +514,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco IOS XE Software ", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3403", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -525,7 +525,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco IOS XE Software ", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3403", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -536,7 +536,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "Cisco Identity Services Engine Software ", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1941", "mapping_type": "primary_impact", "capability_group": "2019", @@ -547,7 +547,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "Cisco Identity Services Engine Software ", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1941", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -558,7 +558,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "Cisco Identity Services Engine Software ", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1941", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -569,7 +569,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "Cisco Small Business RV Series Router Firmware ", + "capability_description": "Cisco Small Business RV Series Router Firmware", "capability_id": "CVE-2020-3292", "mapping_type": "primary_impact", "capability_group": "2020", @@ -580,7 +580,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco Small Business RV Series Router Firmware ", + "capability_description": "Cisco Small Business RV Series Router Firmware", "capability_id": "CVE-2020-3292", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -591,7 +591,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Small Business RV Series Router Firmware ", + "capability_description": "Cisco Small Business RV Series Router Firmware", "capability_id": "CVE-2020-3292", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -602,7 +602,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco Small Business RV Series Router Firmware ", + "capability_description": "Cisco Small Business RV Series Router Firmware", "capability_id": "CVE-2020-3292", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -613,7 +613,7 @@ "attack_object_id": "T1529", "attack_object_name": "System Shutdown/Reboot", "references": [], - "capability_description": "Cisco Adaptive Security Appliance (ASA) Software ", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2018-15397", "mapping_type": "primary_impact", "capability_group": "2018", @@ -624,7 +624,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Adaptive Security Appliance (ASA) Software ", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2018-15397", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -635,7 +635,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco Firepower Threat Defense Software ", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2020-3253", "mapping_type": "primary_impact", "capability_group": "2020", @@ -646,7 +646,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco Firepower Threat Defense Software ", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2020-3253", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -657,7 +657,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "Cisco Application Policy Infrastructure Controller (APIC) ", + "capability_description": "Cisco Application Policy Infrastructure Controller (APIC)", "capability_id": "CVE-2019-1838", "mapping_type": "primary_impact", "capability_group": "2019", @@ -668,7 +668,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "Cisco Application Policy Infrastructure Controller (APIC) ", + "capability_description": "Cisco Application Policy Infrastructure Controller (APIC)", "capability_id": "CVE-2019-1838", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -679,7 +679,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "Cisco Application Policy Infrastructure Controller (APIC) ", + "capability_description": "Cisco Application Policy Infrastructure Controller (APIC)", "capability_id": "CVE-2019-1838", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -690,7 +690,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "Cisco IOx ", + "capability_description": "Cisco IOx", "capability_id": "CVE-2020-3233", "mapping_type": "primary_impact", "capability_group": "2020", @@ -701,7 +701,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "Cisco IOx ", + "capability_description": "Cisco IOx", "capability_id": "CVE-2020-3233", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -712,7 +712,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "Cisco IOx ", + "capability_description": "Cisco IOx", "capability_id": "CVE-2020-3233", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -723,7 +723,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "Cisco Hosted Collaboration Mediation Fulfillment ", + "capability_description": "Cisco Hosted Collaboration Mediation Fulfillment", "capability_id": "CVE-2018-15401", "mapping_type": "primary_impact", "capability_group": "2018", @@ -734,7 +734,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "Cisco Hosted Collaboration Mediation Fulfillment ", + "capability_description": "Cisco Hosted Collaboration Mediation Fulfillment", "capability_id": "CVE-2018-15401", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -745,7 +745,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco SPA112 2-Port Phone Adapter ", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15249", "mapping_type": "primary_impact", "capability_group": "2019", @@ -756,7 +756,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco SPA112 2-Port Phone Adapter ", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15249", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -767,7 +767,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco SPA112 2-Port Phone Adapter ", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15249", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -778,7 +778,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "Cisco Firepower Management Center ", + "capability_description": "Cisco Firepower Management Center", "capability_id": "CVE-2019-15280", "mapping_type": "primary_impact", "capability_group": "2019", @@ -789,7 +789,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "Cisco Firepower Management Center ", + "capability_description": "Cisco Firepower Management Center", "capability_id": "CVE-2019-15280", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -800,7 +800,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "Cisco Firepower Management Center ", + "capability_description": "Cisco Firepower Management Center", "capability_id": "CVE-2019-15280", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -811,7 +811,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "Cisco TelePresence TC Software ", + "capability_description": "Cisco TelePresence TC Software", "capability_id": "CVE-2019-15288", "mapping_type": "primary_impact", "capability_group": "2019", @@ -822,7 +822,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "Cisco TelePresence TC Software ", + "capability_description": "Cisco TelePresence TC Software", "capability_id": "CVE-2019-15288", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -833,7 +833,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco TelePresence TC Software ", + "capability_description": "Cisco TelePresence TC Software", "capability_id": "CVE-2019-15288", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -877,7 +877,7 @@ "attack_object_id": "T1565.002", "attack_object_name": "Transmitted Data Manipulation", "references": [], - "capability_description": "Cisco Data Center Network Manager ", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2020-3460", "mapping_type": "primary_impact", "capability_group": "2020", @@ -888,7 +888,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "Cisco Data Center Network Manager ", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2020-3460", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -899,7 +899,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "Cisco Email Security Appliance (ESA) ", + "capability_description": "Cisco Email Security Appliance (ESA)", "capability_id": "CVE-2020-3137", "mapping_type": "primary_impact", "capability_group": "2020", @@ -910,7 +910,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "Cisco Email Security Appliance (ESA) ", + "capability_description": "Cisco Email Security Appliance (ESA)", "capability_id": "CVE-2020-3137", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -921,7 +921,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "Cisco Email Security Appliance (ESA) ", + "capability_description": "Cisco Email Security Appliance (ESA)", "capability_id": "CVE-2020-3137", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -932,7 +932,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "Cisco Firepower Threat Defense Software ", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2020-3312", "mapping_type": "primary_impact", "capability_group": "2020", @@ -943,7 +943,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Firepower Threat Defense Software ", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2020-3312", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -987,7 +987,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "Cisco SD-WAN Solution ", + "capability_description": "Cisco SD-WAN Solution", "capability_id": "CVE-2020-3379", "mapping_type": "primary_impact", "capability_group": "2020", @@ -998,7 +998,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco SD-WAN Solution ", + "capability_description": "Cisco SD-WAN Solution", "capability_id": "CVE-2020-3379", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1009,7 +1009,7 @@ "attack_object_id": "T1563", "attack_object_name": "Remote Service Session Hijacking", "references": [], - "capability_description": "Cisco Small Business RV Series Router Firmware ", + "capability_description": "Cisco Small Business RV Series Router Firmware", "capability_id": "CVE-2019-1724", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1020,7 +1020,7 @@ "attack_object_id": "T1529", "attack_object_name": "System Shutdown/Reboot", "references": [], - "capability_description": "Cisco Web Security Appliance (WSA) ", + "capability_description": "Cisco Web Security Appliance (WSA)", "capability_id": "CVE-2019-1817", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1031,7 +1031,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Web Security Appliance (WSA) ", + "capability_description": "Cisco Web Security Appliance (WSA)", "capability_id": "CVE-2019-1817", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1042,7 +1042,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "Cisco IOS ", + "capability_description": "Cisco IOS", "capability_id": "CVE-2020-3477", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1053,7 +1053,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco IOS ", + "capability_description": "Cisco IOS", "capability_id": "CVE-2020-3477", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1064,7 +1064,7 @@ "attack_object_id": "T1574.008", "attack_object_name": "Path Interception by Search Order Hijacking", "references": [], - "capability_description": "Cisco Directory Connector ", + "capability_description": "Cisco Directory Connector", "capability_id": "CVE-2019-1794", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1075,7 +1075,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco Directory Connector ", + "capability_description": "Cisco Directory Connector", "capability_id": "CVE-2019-1794", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1086,7 +1086,7 @@ "attack_object_id": "T1105", "attack_object_name": "Ingress Tool Transfer", "references": [], - "capability_description": "Cisco Data Center Network Manager ", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2019-1620", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1097,7 +1097,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco Data Center Network Manager ", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2019-1620", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1108,7 +1108,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "Cisco IOS XE SD-WAN Software ", + "capability_description": "Cisco IOS XE SD-WAN Software", "capability_id": "CVE-2020-3216", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1119,7 +1119,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco IOS XE SD-WAN Software ", + "capability_description": "Cisco IOS XE SD-WAN Software", "capability_id": "CVE-2020-3216", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -1130,7 +1130,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "Cisco Adaptive Security Appliance (ASA) Software ", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2020-3306", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1141,7 +1141,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Adaptive Security Appliance (ASA) Software ", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2020-3306", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1152,7 +1152,7 @@ "attack_object_id": "T1489", "attack_object_name": "Service Stop", "references": [], - "capability_description": "Cisco Web Security Appliance (WSA) ", + "capability_description": "Cisco Web Security Appliance (WSA)", "capability_id": "CVE-2019-1886", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1163,7 +1163,7 @@ "attack_object_id": "T1489", "attack_object_name": "Service Stop", "references": [], - "capability_description": "Cisco IOS XR Software ", + "capability_description": "Cisco IOS XR Software", "capability_id": "CVE-2019-1711", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1174,7 +1174,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco SD-WAN vManage ", + "capability_description": "Cisco SD-WAN vManage", "capability_id": "CVE-2020-3375", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1185,7 +1185,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco SD-WAN vManage ", + "capability_description": "Cisco SD-WAN vManage", "capability_id": "CVE-2020-3375", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1196,7 +1196,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "Cisco HyperFlex HX-Series ", + "capability_description": "Cisco HyperFlex HX-Series", "capability_id": "CVE-2019-1857", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1207,7 +1207,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "Cisco HyperFlex HX-Series ", + "capability_description": "Cisco HyperFlex HX-Series", "capability_id": "CVE-2019-1857", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1218,7 +1218,7 @@ "attack_object_id": "T1499.002", "attack_object_name": "Service Exhaustion Flood", "references": [], - "capability_description": "Cisco Firepower Threat Defense Software ", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2019-1703", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1229,7 +1229,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "Cisco Unity Connection ", + "capability_description": "Cisco Unity Connection", "capability_id": "CVE-2019-15963", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1240,7 +1240,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco Unity Connection ", + "capability_description": "Cisco Unity Connection", "capability_id": "CVE-2019-15963", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1251,7 +1251,7 @@ "attack_object_id": "T1105", "attack_object_name": "Ingress Tool Transfer", "references": [], - "capability_description": "Cisco Webex Teams ", + "capability_description": "Cisco Webex Teams", "capability_id": "CVE-2019-1689", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1262,7 +1262,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "Cisco Webex Teams ", + "capability_description": "Cisco Webex Teams", "capability_id": "CVE-2019-1689", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1273,7 +1273,7 @@ "attack_object_id": "T1531", "attack_object_name": "Account Access Removal", "references": [], - "capability_description": "Cisco Webex Teams ", + "capability_description": "Cisco Webex Teams", "capability_id": "CVE-2019-1689", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1284,7 +1284,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "Cisco IOS XE Software ", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3476", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1295,7 +1295,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco IOS XE Software ", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3476", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1306,7 +1306,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "Cisco Policy Suite (CPS) Software ", + "capability_description": "Cisco Policy Suite (CPS) Software", "capability_id": "CVE-2018-15466", "mapping_type": "primary_impact", "capability_group": "2018", @@ -1317,7 +1317,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "Cisco Policy Suite (CPS) Software ", + "capability_description": "Cisco Policy Suite (CPS) Software", "capability_id": "CVE-2018-15466", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -1328,7 +1328,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco WebEx WRF Player ", + "capability_description": "Cisco WebEx WRF Player", "capability_id": "CVE-2019-15287", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1339,7 +1339,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "Cisco WebEx WRF Player ", + "capability_description": "Cisco WebEx WRF Player", "capability_id": "CVE-2019-15287", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1350,7 +1350,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "Cisco IOS XR Software ", + "capability_description": "Cisco IOS XR Software", "capability_id": "CVE-2019-15998", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1361,7 +1361,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco IOS XR Software ", + "capability_description": "Cisco IOS XR Software", "capability_id": "CVE-2019-15998", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1372,7 +1372,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "Cisco Application Policy Infrastructure Controller (APIC) ", + "capability_description": "Cisco Application Policy Infrastructure Controller (APIC)", "capability_id": "CVE-2019-1889", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1383,7 +1383,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco Application Policy Infrastructure Controller (APIC) ", + "capability_description": "Cisco Application Policy Infrastructure Controller (APIC)", "capability_id": "CVE-2019-1889", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1405,7 +1405,7 @@ "attack_object_id": "T1542.001", "attack_object_name": "System Firmware", "references": [], - "capability_description": "Cisco Identity Services Engine Software ", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1736", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1416,7 +1416,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "Cisco IOS XR Software ", + "capability_description": "Cisco IOS XR Software", "capability_id": "CVE-2020-3120", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1449,7 +1449,7 @@ "attack_object_id": "T1565.002", "attack_object_name": "Transmitted Data Manipulation", "references": [], - "capability_description": "Cisco Small Business 300 Series Managed Switches ", + "capability_description": "Cisco Small Business 300 Series Managed Switches", "capability_id": "CVE-2019-1943", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1460,7 +1460,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "Cisco Small Business 300 Series Managed Switches ", + "capability_description": "Cisco Small Business 300 Series Managed Switches", "capability_id": "CVE-2019-1943", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1471,7 +1471,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "Cisco Small Business 300 Series Managed Switches ", + "capability_description": "Cisco Small Business 300 Series Managed Switches", "capability_id": "CVE-2019-1943", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1482,7 +1482,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "Cisco HyperFlex HX-Series ", + "capability_description": "Cisco HyperFlex HX-Series", "capability_id": "CVE-2019-1665", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1493,7 +1493,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "Cisco HyperFlex HX-Series ", + "capability_description": "Cisco HyperFlex HX-Series", "capability_id": "CVE-2019-1665", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1504,7 +1504,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "Cisco HyperFlex HX-Series ", + "capability_description": "Cisco HyperFlex HX-Series", "capability_id": "CVE-2019-1665", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1515,7 +1515,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "Cisco Stealthwatch Enterprise ", + "capability_description": "Cisco Stealthwatch Enterprise", "capability_id": "CVE-2019-15994", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1526,7 +1526,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "Cisco Stealthwatch Enterprise ", + "capability_description": "Cisco Stealthwatch Enterprise", "capability_id": "CVE-2019-15994", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1537,7 +1537,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "Cisco Stealthwatch Enterprise ", + "capability_description": "Cisco Stealthwatch Enterprise", "capability_id": "CVE-2019-15994", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1570,7 +1570,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco SPA525G2 5-line IP Phone ", + "capability_description": "Cisco SPA525G2 5-line IP Phone", "capability_id": "CVE-2019-15959", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1581,7 +1581,7 @@ "attack_object_id": "T1091", "attack_object_name": "Replication Through Removable Media", "references": [], - "capability_description": "Cisco SPA525G2 5-line IP Phone ", + "capability_description": "Cisco SPA525G2 5-line IP Phone", "capability_id": "CVE-2019-15959", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1592,7 +1592,7 @@ "attack_object_id": "T1565.002", "attack_object_name": "Transmitted Data Manipulation", "references": [], - "capability_description": "Cisco Managed Services Accelerator ", + "capability_description": "Cisco Managed Services Accelerator", "capability_id": "CVE-2019-15974", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1603,7 +1603,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "Cisco Managed Services Accelerator ", + "capability_description": "Cisco Managed Services Accelerator", "capability_id": "CVE-2019-15974", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1614,7 +1614,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco WebEx WRF Player ", + "capability_description": "Cisco WebEx WRF Player", "capability_id": "CVE-2019-1772", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1625,7 +1625,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "Cisco WebEx WRF Player ", + "capability_description": "Cisco WebEx WRF Player", "capability_id": "CVE-2019-1772", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1636,7 +1636,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "Cisco WebEx WRF Player ", + "capability_description": "Cisco WebEx WRF Player", "capability_id": "CVE-2019-1772", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1647,7 +1647,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Email Security Appliance (ESA) ", + "capability_description": "Cisco Email Security Appliance (ESA)", "capability_id": "CVE-2020-3133", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1658,7 +1658,7 @@ "attack_object_id": "T1566.001", "attack_object_name": "Spearphishing Attachment", "references": [], - "capability_description": "Cisco Email Security Appliance (ESA) ", + "capability_description": "Cisco Email Security Appliance (ESA)", "capability_id": "CVE-2020-3133", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1669,7 +1669,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco FireSIGHT System Software ", + "capability_description": "Cisco FireSIGHT System Software", "capability_id": "CVE-2019-12696", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1680,7 +1680,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "Cisco FireSIGHT System Software ", + "capability_description": "Cisco FireSIGHT System Software", "capability_id": "CVE-2019-12696", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1691,7 +1691,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "Cisco SD-WAN vManage ", + "capability_description": "Cisco SD-WAN vManage", "capability_id": "CVE-2020-3387", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1702,7 +1702,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco SD-WAN vManage ", + "capability_description": "Cisco SD-WAN vManage", "capability_id": "CVE-2020-3387", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1713,7 +1713,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "Cisco SD-WAN vManage ", + "capability_description": "Cisco SD-WAN vManage", "capability_id": "CVE-2020-3387", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1724,7 +1724,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "Cisco Content Security Management Appliance (SMA) ", + "capability_description": "Cisco Content Security Management Appliance (SMA)", "capability_id": "CVE-2018-15393", "mapping_type": "primary_impact", "capability_group": "2018", @@ -1735,7 +1735,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "Cisco Content Security Management Appliance (SMA) ", + "capability_description": "Cisco Content Security Management Appliance (SMA)", "capability_id": "CVE-2018-15393", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -1746,7 +1746,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "Cisco Content Security Management Appliance (SMA) ", + "capability_description": "Cisco Content Security Management Appliance (SMA)", "capability_id": "CVE-2018-15393", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -1779,7 +1779,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "Cisco Webex Meetings ", + "capability_description": "Cisco Webex Meetings", "capability_id": "CVE-2020-3440", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1790,7 +1790,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "Cisco Webex Meetings ", + "capability_description": "Cisco Webex Meetings", "capability_id": "CVE-2020-3440", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1801,7 +1801,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "Cisco Webex Meetings ", + "capability_description": "Cisco Webex Meetings", "capability_id": "CVE-2020-3440", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1812,7 +1812,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Wide Area Application Services (WAAS) ", + "capability_description": "Cisco Wide Area Application Services (WAAS)", "capability_id": "CVE-2019-1876", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1823,7 +1823,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "Cisco Wide Area Application Services (WAAS) ", + "capability_description": "Cisco Wide Area Application Services (WAAS)", "capability_id": "CVE-2019-1876", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1834,7 +1834,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "Cisco 550X Series Stackable Managed Switches ", + "capability_description": "Cisco 550X Series Stackable Managed Switches", "capability_id": "CVE-2020-3121", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1845,7 +1845,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "Cisco 550X Series Stackable Managed Switches ", + "capability_description": "Cisco 550X Series Stackable Managed Switches", "capability_id": "CVE-2020-3121", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -1856,7 +1856,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "Cisco 550X Series Stackable Managed Switches ", + "capability_description": "Cisco 550X Series Stackable Managed Switches", "capability_id": "CVE-2020-3121", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1911,7 +1911,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco Adaptive Security Appliance (ASA) Software ", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2019-1715", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1922,7 +1922,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "Cisco Adaptive Security Appliance (ASA) Software ", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2019-1715", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1933,7 +1933,7 @@ "attack_object_id": "T1040", "attack_object_name": "Network Sniffing", "references": [], - "capability_description": "Cisco Adaptive Security Appliance (ASA) Software ", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2019-1715", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1944,7 +1944,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "Cisco Adaptive Security Appliance (ASA) Software ", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2019-1715", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1988,7 +1988,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode ", + "capability_description": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode", "capability_id": "CVE-2019-1836", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1999,7 +1999,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode ", + "capability_description": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode", "capability_id": "CVE-2019-1836", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2010,7 +2010,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "Cisco TelePresence TC Software ", + "capability_description": "Cisco TelePresence TC Software", "capability_id": "CVE-2019-15289", "mapping_type": "primary_impact", "capability_group": "2019", @@ -2021,7 +2021,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco TelePresence TC Software ", + "capability_description": "Cisco TelePresence TC Software", "capability_id": "CVE-2019-15289", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2032,7 +2032,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco Energy Management Suite ", + "capability_description": "Cisco Energy Management Suite", "capability_id": "CVE-2018-15444", "mapping_type": "primary_impact", "capability_group": "2018", @@ -2043,7 +2043,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "Cisco Energy Management Suite ", + "capability_description": "Cisco Energy Management Suite", "capability_id": "CVE-2018-15444", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -2054,7 +2054,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "Cisco Energy Management Suite ", + "capability_description": "Cisco Energy Management Suite", "capability_id": "CVE-2018-15444", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -2098,7 +2098,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "Cisco IOS XE Software ", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3407", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2109,7 +2109,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco IOS XE Software ", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3407", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2120,7 +2120,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "Cisco IOx ", + "capability_description": "Cisco IOx", "capability_id": "CVE-2020-3237", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2131,7 +2131,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "Cisco IOx ", + "capability_description": "Cisco IOx", "capability_id": "CVE-2020-3237", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2197,7 +2197,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "Cisco Wireless LAN Controller (WLC) ", + "capability_description": "Cisco Wireless LAN Controller (WLC)", "capability_id": "CVE-2019-15276", "mapping_type": "primary_impact", "capability_group": "2019", @@ -2208,7 +2208,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "Cisco Wireless LAN Controller (WLC) ", + "capability_description": "Cisco Wireless LAN Controller (WLC)", "capability_id": "CVE-2019-15276", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2219,7 +2219,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Wireless LAN Controller (WLC) ", + "capability_description": "Cisco Wireless LAN Controller (WLC)", "capability_id": "CVE-2019-15276", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2230,7 +2230,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "Cisco Wireless LAN Controller (WLC) ", + "capability_description": "Cisco Wireless LAN Controller (WLC)", "capability_id": "CVE-2019-15276", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2241,7 +2241,7 @@ "attack_object_id": "T1542.004", "attack_object_name": "ROMMONkit", "references": [], - "capability_description": "Cisco IOS XE Software ", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3416", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2252,7 +2252,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco IOS XE Software ", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3416", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2296,7 +2296,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "Cisco Data Center Network Manager ", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2020-3356", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2307,7 +2307,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "Cisco Data Center Network Manager ", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2020-3356", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -2318,7 +2318,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "Cisco Data Center Network Manager ", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2020-3356", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2329,7 +2329,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "Cisco Unified Communications Manager ", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-1915", "mapping_type": "primary_impact", "capability_group": "2019", @@ -2340,7 +2340,7 @@ "attack_object_id": "T1098", "attack_object_name": "Account Manipulation", "references": [], - "capability_description": "Cisco Unified Communications Manager ", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-1915", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -2351,7 +2351,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "Cisco Unified Communications Manager ", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-1915", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2362,7 +2362,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Unified Communications Manager ", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-1915", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2373,7 +2373,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "Cisco Unified Communications Manager ", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-1915", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2384,7 +2384,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "Cisco Unified Communications Manager ", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-1915", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2417,7 +2417,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "Cisco NX-OS Software ", + "capability_description": "Cisco NX-OS Software", "capability_id": "CVE-2020-3397", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2428,7 +2428,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco NX-OS Software ", + "capability_description": "Cisco NX-OS Software", "capability_id": "CVE-2020-3397", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2593,7 +2593,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "Cisco Firepower Threat Defense Software ", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2020-3309", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2604,7 +2604,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "Cisco Firepower Threat Defense Software ", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2020-3309", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -2615,7 +2615,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Firepower Threat Defense Software ", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2020-3309", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2626,7 +2626,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "Cisco Firepower Threat Defense Software ", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2020-3309", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2637,7 +2637,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "Cisco Unified Communications Manager ", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2020-3177", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2648,7 +2648,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Unified Communications Manager ", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2020-3177", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2659,7 +2659,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "Cisco IOS XE Software ", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3510", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2670,7 +2670,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco IOS XE Software ", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3510", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2681,7 +2681,7 @@ "attack_object_id": "T1542.004", "attack_object_name": "ROMMONkit", "references": [], - "capability_description": "Cisco IOS XE Software ", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3513", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2692,7 +2692,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "Cisco IOS XE Software ", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3513", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2703,7 +2703,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "Cisco IOS ", + "capability_description": "Cisco IOS", "capability_id": "CVE-2020-3409", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2714,7 +2714,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco IOS ", + "capability_description": "Cisco IOS", "capability_id": "CVE-2020-3409", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2725,7 +2725,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "Cisco Data Center Network Manager ", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2020-3349", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2736,7 +2736,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "Cisco Data Center Network Manager ", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2020-3349", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -2747,7 +2747,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "Cisco Data Center Network Manager ", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2020-3349", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2758,7 +2758,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "Cisco Industrial Network Director ", + "capability_description": "Cisco Industrial Network Director", "capability_id": "CVE-2018-15392", "mapping_type": "primary_impact", "capability_group": "2018", @@ -2769,7 +2769,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Industrial Network Director ", + "capability_description": "Cisco Industrial Network Director", "capability_id": "CVE-2018-15392", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -2780,7 +2780,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "Cisco Firepower Threat Defense Software ", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2018-15462", "mapping_type": "primary_impact", "capability_group": "2018", @@ -2791,7 +2791,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Firepower Threat Defense Software ", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2018-15462", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -2802,7 +2802,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "Cisco Firepower Threat Defense Software ", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2019-1704", "mapping_type": "primary_impact", "capability_group": "2019", @@ -2813,7 +2813,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco Firepower Threat Defense Software ", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2019-1704", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2824,7 +2824,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "Cisco ASR 5000 Series Software ", + "capability_description": "Cisco ASR 5000 Series Software", "capability_id": "CVE-2020-3244", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2835,7 +2835,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "Cisco ASR 5000 Series Software ", + "capability_description": "Cisco ASR 5000 Series Software", "capability_id": "CVE-2020-3244", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2846,7 +2846,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "Cisco UCS Director ", + "capability_description": "Cisco UCS Director", "capability_id": "CVE-2020-3240", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2857,7 +2857,7 @@ "attack_object_id": "T1505.003", "attack_object_name": "Web Shell", "references": [], - "capability_description": "Cisco UCS Director ", + "capability_description": "Cisco UCS Director", "capability_id": "CVE-2020-3240", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2868,7 +2868,7 @@ "attack_object_id": "T1003.008", "attack_object_name": "/etc/passwd and /etc/shadow", "references": [], - "capability_description": "Cisco UCS Director ", + "capability_description": "Cisco UCS Director", "capability_id": "CVE-2020-3240", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -2879,7 +2879,7 @@ "attack_object_id": "T1552.001", "attack_object_name": "Credentials In Files", "references": [], - "capability_description": "Cisco UCS Director ", + "capability_description": "Cisco UCS Director", "capability_id": "CVE-2020-3240", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -2890,7 +2890,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "Cisco UCS Director ", + "capability_description": "Cisco UCS Director", "capability_id": "CVE-2020-3240", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -2901,7 +2901,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "Cisco UCS Director ", + "capability_description": "Cisco UCS Director", "capability_id": "CVE-2020-3240", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -3044,7 +3044,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": " Unity Operating Environment", + "capability_description": "Unity Operating Environment", "capability_id": "CVE-2019-3754", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3055,7 +3055,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": " Unity Operating Environment", + "capability_description": "Unity Operating Environment", "capability_id": "CVE-2019-3754", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -3066,7 +3066,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": " Unity Operating Environment", + "capability_description": "Unity Operating Environment", "capability_id": "CVE-2019-3754", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -4474,7 +4474,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "iDRAC ", + "capability_description": "iDRAC", "capability_id": "CVE-2018-15774", "mapping_type": "primary_impact", "capability_group": "2018", @@ -4639,7 +4639,7 @@ "attack_object_id": "T1600", "attack_object_name": "Weaken Encryption", "references": [], - "capability_description": "RSA BSAFE SSL-J ", + "capability_description": "RSA BSAFE SSL-J", "capability_id": "CVE-2018-11069", "mapping_type": "primary_impact", "capability_group": "2018", @@ -4650,7 +4650,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "RSA BSAFE SSL-J ", + "capability_description": "RSA BSAFE SSL-J", "capability_id": "CVE-2018-11069", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -4661,7 +4661,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "RSA Identity Governance and Lifecycle ", + "capability_description": "RSA Identity Governance and Lifecycle", "capability_id": "CVE-2019-3763", "mapping_type": "primary_impact", "capability_group": "2019", @@ -4672,7 +4672,7 @@ "attack_object_id": "T1078 ", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "RSA Identity Governance and Lifecycle ", + "capability_description": "RSA Identity Governance and Lifecycle", "capability_id": "CVE-2019-3763", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -17509,7 +17509,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "Cisco Adaptive Security Appliance (ASA) Software ", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2018-15454", "mapping_type": "uncategorized", "capability_group": "2018", diff --git a/src/mapex_convert/parse_cve_mappings.py b/src/mapex_convert/parse_cve_mappings.py index 2d8629e7..d40214b6 100644 --- a/src/mapex_convert/parse_cve_mappings.py +++ b/src/mapex_convert/parse_cve_mappings.py @@ -77,13 +77,14 @@ def configure_cve_mappings(df, attack_id_to_name_dict): capability_id.index("-") + 1 : row["CVE ID"].rindex("-") ] capability_description = "" + # get capability product description from cve api try: response = requests.get( f"https://cveawg.mitre.org/api/cve/{capability_id}/", verify=False, ).json() descriptions = response["containers"]["cna"]["affected"] - capability_description = descriptions[0]["product"] + capability_description = descriptions[0]["product"].strip() except: logger.error("Failed to fetch capability description") diff --git a/tests/expected_results/expected_results_json.py b/tests/expected_results/expected_results_json.py index 6312e637..f924fa9a 100644 --- a/tests/expected_results/expected_results_json.py +++ b/tests/expected_results/expected_results_json.py @@ -315,7 +315,6 @@ "references": None, "capability_description": "Cache poisoning. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.Cache poisoning", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -326,7 +325,6 @@ "references": None, "capability_description": "Cross-site request forgery. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.CSRF", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -337,7 +335,6 @@ "references": None, "capability_description": "Mail command injection. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.Mail command injection", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -348,7 +345,6 @@ "references": None, "capability_description": "Null byte injection. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.Null byte injection", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -359,7 +355,6 @@ "references": None, "capability_description": "OS commanding. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.OS commanding", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -370,7 +365,6 @@ "references": None, "capability_description": "Path traversal. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.Path traversal", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -381,7 +375,6 @@ "references": None, "capability_description": "Reverse engineering. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.Reverse engineering", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -392,7 +385,6 @@ "references": None, "capability_description": "Remote file inclusion. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.RFI", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -403,7 +395,6 @@ "references": None, "capability_description": "Credential or session prediction. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.Session prediction", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -414,7 +405,6 @@ "references": None, "capability_description": "Session replay. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.Session replay", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -425,7 +415,6 @@ "references": None, "capability_description": "Special element injection. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.Special element injection", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -436,7 +425,6 @@ "references": None, "capability_description": "SQL injection. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.SQLi", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -447,7 +435,6 @@ "references": None, "capability_description": "SSI injection. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.SSI injection", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -458,7 +445,6 @@ "references": None, "capability_description": "URL redirector abuse. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.URL redirector abuse", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -469,7 +455,6 @@ "references": None, "capability_description": "Elevation of privilege by another customer in shared environment. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.User breakout", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -480,7 +465,6 @@ "references": None, "capability_description": "XQuery injection. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.XQuery injection", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -491,7 +475,6 @@ "references": None, "capability_description": "Cross-site scripting. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.XSS", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -502,7 +485,6 @@ "references": None, "capability_description": "Other", "capability_id": "action.hacking.variety.Other", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -513,7 +495,6 @@ "references": None, "capability_description": "Graphical desktop sharing (RDP, VNC, PCAnywhere, Citrix)", "capability_id": "action.hacking.vector.Desktop sharing", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -524,7 +505,6 @@ "references": None, "capability_description": "Other", "capability_id": "action.hacking.vector.Other", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -535,7 +515,6 @@ "references": None, "capability_description": "VPN", "capability_id": "action.hacking.vector.VPN", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -546,7 +525,6 @@ "references": None, "capability_description": "Web application", "capability_id": "action.hacking.vector.Web application", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -557,7 +535,6 @@ "references": None, "capability_description": "Unknown", "capability_id": "action.hacking.vector.Unknown", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -568,7 +545,6 @@ "references": None, "capability_description": "The hacking action resulted in additional security access", "capability_id": "action.hacking.result.Infiltrate", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -579,7 +555,6 @@ "references": None, "capability_description": "The hacking action exfiltrated data from the victim", "capability_id": "action.hacking.result.Exfiltrate", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -590,7 +565,6 @@ "references": None, "capability_description": "The hacking action resulted in additional security permissions", "capability_id": "action.hacking.result.Elevate", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -601,7 +575,6 @@ "references": None, "capability_description": "The hacking action used security access or permissions already acuired", "capability_id": "action.hacking.result.Lateral movement", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -612,7 +585,6 @@ "references": None, "capability_description": "e.g. cryptomining, ransomware, etc", "capability_id": "action.hacking.result.Deploy payload", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -623,7 +595,6 @@ "references": None, "capability_description": "The result of the hacking action is not listed", "capability_id": "action.hacking.result.Other", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -634,7 +605,6 @@ "references": None, "capability_description": "The result of the hacking action is unknown", "capability_id": "action.hacking.result.Unknown", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -645,7 +615,6 @@ "references": None, "capability_description": "The hacking action did not have a result", "capability_id": "action.hacking.result.NA", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -656,7 +625,6 @@ "references": None, "capability_description": "Downloader (pull updates or other malware)", "capability_id": "action.malware.variety.Downloader", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -667,7 +635,6 @@ "references": None, "capability_description": "Send spam", "capability_id": "action.malware.variety.Spam", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -678,7 +645,6 @@ "references": None, "capability_description": "SQL injection attack", "capability_id": "action.malware.variety.SQL injection", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -689,7 +655,6 @@ "references": None, "capability_description": "Other", "capability_id": "action.malware.variety.Other", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -700,7 +665,6 @@ "references": None, "capability_description": "Email. Parent to 'Email attachment', 'Email autoexecute', 'Email link', 'Email unknown'", "capability_id": "action.malware.vector.Email", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -711,7 +675,6 @@ "references": None, "capability_description": "Email via automatic execution. Child of 'Email'", "capability_id": "action.malware.vector.Email autoexecute", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -722,7 +685,6 @@ "references": None, "capability_description": "Email but sub-variety (attachment, autoexecute, link, etc) not known. Child of 'Email'", "capability_id": "action.malware.vector.Email unknown", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -733,7 +695,6 @@ "references": None, "capability_description": "Email sub-variety known, but not one of those listed (attachment, link, autoexecute, etc). Child of 'Email'", "capability_id": "action.malware.vector.Email other", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -744,7 +705,6 @@ "references": None, "capability_description": "Other", "capability_id": "action.malware.vector.Other", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -755,7 +715,6 @@ "references": None, "capability_description": "Unknown", "capability_id": "action.malware.vector.Unknown", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -766,7 +725,6 @@ "references": None, "capability_description": "The malware action resulted in additional security access", "capability_id": "action.malware.result.Infiltrate", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -777,7 +735,6 @@ "references": None, "capability_description": "The malware action exfiltrated data from the victim", "capability_id": "action.malware.result.Exfiltrate", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -788,7 +745,6 @@ "references": None, "capability_description": "The malware action resulted in additional security permissions", "capability_id": "action.malware.result.Elevate", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -799,7 +755,6 @@ "references": None, "capability_description": "The malware action used security access or permissions already acuired", "capability_id": "action.malware.result.Lateral movement", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -810,7 +765,6 @@ "references": None, "capability_description": "e.g. cryptomining, ransomware, etc", "capability_id": "action.malware.result.Deploy payload", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -821,7 +775,6 @@ "references": None, "capability_description": "The result of the malware action is not listed", "capability_id": "action.malware.result.Other", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -832,7 +785,6 @@ "references": None, "capability_description": "The result of the malware action is unknown", "capability_id": "action.malware.result.Unknown", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -843,7 +795,6 @@ "references": None, "capability_description": "The malware action did not have a result", "capability_id": "action.malware.result.NA", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -854,7 +805,6 @@ "references": None, "capability_description": "Handling of data in an unapproved manner", "capability_id": "action.misuse.variety.Data mishandling", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -865,7 +815,6 @@ "references": None, "capability_description": "Inappropriate use of email or IM", "capability_id": "action.misuse.variety.Email misuse", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -876,7 +825,6 @@ "references": None, "capability_description": "Storage or distribution of illicit content", "capability_id": "action.misuse.variety.Illicit content", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -887,7 +835,6 @@ "references": None, "capability_description": "Abuse of private or entrusted knowledge", "capability_id": "action.misuse.variety.Knowledge abuse", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -898,7 +845,6 @@ "references": None, "capability_description": "Inappropriate use of network or Web access including cloud services", "capability_id": "action.misuse.variety.Net misuse", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -909,7 +855,6 @@ "references": None, "capability_description": "Abuse of physical access to asset", "capability_id": "action.misuse.variety.Possession abuse", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -920,7 +865,6 @@ "references": None, "capability_description": "Abuse of system access privileges", "capability_id": "action.misuse.variety.Privilege abuse", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -931,7 +875,6 @@ "references": None, "capability_description": "Actor photographs the confidentiality data variety.", "capability_id": "action.misuse.variety.Snap picture", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -942,7 +885,6 @@ "references": None, "capability_description": "Use of unapproved hardware or devices", "capability_id": "action.misuse.variety.Unapproved hardware", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -953,7 +895,6 @@ "references": None, "capability_description": "Use of unapproved software or services", "capability_id": "action.misuse.variety.Unapproved software", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -964,7 +905,6 @@ "references": None, "capability_description": "Unapproved workaround or shortcut", "capability_id": "action.misuse.variety.Unapproved workaround", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -975,7 +915,6 @@ "references": None, "capability_description": "Other", "capability_id": "action.misuse.variety.Other", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -986,7 +925,6 @@ "references": None, "capability_description": "Unknown", "capability_id": "action.misuse.variety.Unknown", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -997,7 +935,6 @@ "references": None, "capability_description": "Local network access within corporate facility", "capability_id": "action.misuse.vector.LAN access", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -1008,7 +945,6 @@ "references": None, "capability_description": "Non-corporate facilities or networks", "capability_id": "action.misuse.vector.Non-corporate", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -1019,7 +955,6 @@ "references": None, "capability_description": "Physical access within corporate facility", "capability_id": "action.misuse.vector.Physical access", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -1030,7 +965,6 @@ "references": None, "capability_description": "Remote access connection to corporate network (i.e. VPN)", "capability_id": "action.misuse.vector.Remote access", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -1041,7 +975,6 @@ "references": None, "capability_description": "Web application", "capability_id": "action.misuse.vector.Web application", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -1052,7 +985,6 @@ "references": None, "capability_description": "Other", "capability_id": "action.misuse.vector.Other", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -1343,7 +1275,6 @@ "references": None, "capability_description": "Other", "capability_id": "action.social.vector.Other", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1354,7 +1285,6 @@ "references": None, "capability_description": "Unknown", "capability_id": "action.social.vector.Unknown", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1365,7 +1295,6 @@ "references": None, "capability_description": "Auditor", "capability_id": "action.social.target.Auditor", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1376,7 +1305,6 @@ "references": None, "capability_description": "Call center staff", "capability_id": "action.social.target.Call center", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1387,7 +1315,6 @@ "references": None, "capability_description": "Cashier, teller or waiter", "capability_id": "action.social.target.Cashier", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1398,7 +1325,6 @@ "references": None, "capability_description": "Customer (B2C)", "capability_id": "action.social.target.Customer", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1409,7 +1335,6 @@ "references": None, "capability_description": "Software developer", "capability_id": "action.social.target.Developer", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1420,7 +1345,6 @@ "references": None, "capability_description": "End-user of the victim's products and/or services. Child of 'End-user or employee'", "capability_id": "action.social.target.End-user", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1431,7 +1355,6 @@ "references": None, "capability_description": "End-user or regular employee not otherwise listed. Parent of 'End-user' or 'Other employee'", "capability_id": "action.social.target.End-user or employee", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1442,7 +1365,6 @@ "references": None, "capability_description": "Senior staff with legal responsibility such as board members and corporate officers", "capability_id": "action.social.target.Executive", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1453,7 +1375,6 @@ "references": None, "capability_description": "Finance or accounting staff", "capability_id": "action.social.target.Finance", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1464,7 +1385,6 @@ "references": None, "capability_description": "Former employee", "capability_id": "action.social.target.Former employee", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1475,7 +1395,6 @@ "references": None, "capability_description": "Security guard", "capability_id": "action.social.target.Guard", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1486,7 +1405,6 @@ "references": None, "capability_description": "Helpdesk staff", "capability_id": "action.social.target.Helpdesk", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1497,7 +1415,6 @@ "references": None, "capability_description": "Human resources staff", "capability_id": "action.social.target.Human resources", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1508,7 +1425,6 @@ "references": None, "capability_description": "Maintenance or janitorial staff", "capability_id": "action.social.target.Maintenance", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1519,7 +1435,6 @@ "references": None, "capability_description": "Manager or supervisor", "capability_id": "action.social.target.Manager", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1530,7 +1445,6 @@ "references": None, "capability_description": "Regular employee not otherwise listed. Child of 'End-user or employee'", "capability_id": "action.social.target.Other employee", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1541,7 +1455,6 @@ "references": None, "capability_description": "Partner (B2B)", "capability_id": "action.social.target.Partner", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1552,7 +1465,6 @@ "references": None, "capability_description": "System or network administrator", "capability_id": "action.social.target.System admin", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1563,7 +1475,6 @@ "references": None, "capability_description": "Other", "capability_id": "action.social.target.Other", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1574,7 +1485,6 @@ "references": None, "capability_description": "Unknown", "capability_id": "action.social.target.Unknown", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1585,7 +1495,6 @@ "references": None, "capability_description": "The social action resulted in additional security access", "capability_id": "action.social.result.Infiltrate", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1596,7 +1505,6 @@ "references": None, "capability_description": "The social action exfiltrated data from the victim", "capability_id": "action.social.result.Exfiltrate", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1607,7 +1515,6 @@ "references": None, "capability_description": "The social action resulted in additional security permissions", "capability_id": "action.social.result.Elevate", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1618,7 +1525,6 @@ "references": None, "capability_description": "The social action used security access or permissions already acuired", "capability_id": "action.social.result.Lateral movement", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1629,7 +1535,6 @@ "references": None, "capability_description": "e.g. cryptomining, ransomware, etc", "capability_id": "action.social.result.Deploy payload", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1640,7 +1545,6 @@ "references": None, "capability_description": "The result of the social action is not listed", "capability_id": "action.social.result.Other", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1651,7 +1555,6 @@ "references": None, "capability_description": "The result of the social action is unknown", "capability_id": "action.social.result.Unknown", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1662,7 +1565,6 @@ "references": None, "capability_description": "The social action did not have a result", "capability_id": "action.social.result.NA", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1673,7 +1575,6 @@ "references": None, "capability_description": "Initiate fraudulent transaction", "capability_id": "attribute.integrity.variety.Fraudulent transaction", - "capability_group": "attribute.integrity", "status": "non_mappable", }, @@ -1684,7 +1585,6 @@ "references": None, "capability_description": "Hardware tampering or physical alteration", "capability_id": "attribute.integrity.variety.Hardware tampering", - "capability_group": "attribute.integrity", "status": "non_mappable", }, @@ -1695,7 +1595,6 @@ "references": None, "capability_description": "Software installation or code modification", "capability_id": "attribute.integrity.variety.Software installation", - "capability_group": "attribute.integrity", "status": "non_mappable", }, @@ -1706,7 +1605,6 @@ "references": None, "capability_description": "Other", "capability_id": "attribute.integrity.variety.Other", - "capability_group": "attribute.integrity", "status": "non_mappable", }, @@ -1717,7 +1615,6 @@ "references": None, "capability_description": "No type of development was necessary", "capability_id": "value_chain.development.variety.NA", - "capability_group": "value_chain.development", "status": "non_mappable", }, @@ -1728,7 +1625,6 @@ "references": None, "capability_description": "Command and control. Separate from distribution of mawlare or bots, this is how they are maintained", "capability_id": "value_chain.non-distribution services.variety.C2", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1739,7 +1635,6 @@ "references": None, "capability_description": "Services for testing if malware is detected by anti-virus", "capability_id": "value_chain.non-distribution services.variety.Counter AV", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1750,7 +1645,6 @@ "references": None, "capability_description": "DNS services including fast flux", "capability_id": "value_chain.non-distribution services.variety.DNS", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1761,7 +1655,6 @@ "references": None, "capability_description": "Something kept in the custody of a third party until a condition has been fulfilled.", "capability_id": "value_chain.non-distribution services.variety.Escrow", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1772,7 +1665,6 @@ "references": None, "capability_description": "i.e. converting hashes into the text that produce them", "capability_id": "value_chain.non-distribution services.variety.Hashcracking", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1783,7 +1675,6 @@ "references": None, "capability_description": "Use of a marketplace was required as part of this incident.", "capability_id": "value_chain.non-distribution services.variety.Marketplace", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1794,7 +1685,6 @@ "references": None, "capability_description": "A proxy service (either formally or informally hosted) is used by the actor to obscure their source", "capability_id": "value_chain.non-distribution services.variety.Proxy", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1805,7 +1695,6 @@ "references": None, "capability_description": "A VPN service (either formally or informally hosted) is used by the actor to obscure their source", "capability_id": "value_chain.non-distribution services.variety.VPN", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1816,7 +1705,6 @@ "references": None, "capability_description": "No type of non-distribution service was necessary", "capability_id": "value_chain.non-distribution services.variety.NA", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1827,7 +1715,6 @@ "references": None, "capability_description": "Nothing is known about the need for or type of non-distribution service investment other than it was present.", "capability_id": "value_chain.non-distribution services.variety.Unknown", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1838,7 +1725,6 @@ "references": None, "capability_description": "Credentials the system came with", "capability_id": "value_chain.targeting.variety.Default credentials", - "capability_group": "value_chain.targeting", "status": "non_mappable", }, @@ -1849,7 +1735,6 @@ "references": None, "capability_description": "Knowledge of system misconfigurations used to pick an organization as a target", "capability_id": "value_chain.targeting.variety.Misconfigurations", - "capability_group": "value_chain.targeting", "status": "non_mappable", }, @@ -1860,7 +1745,6 @@ "references": None, "capability_description": "The actor used access to a partner to target the victim.", "capability_id": "value_chain.targeting.variety.Partner", - "capability_group": "value_chain.targeting", "status": "non_mappable", }, @@ -1871,7 +1755,6 @@ "references": None, "capability_description": "Knowledge of software vulnerabilities, both at an organization or associated with a specific vendor's product, used to pick them as a target.", "capability_id": "value_chain.targeting.variety.Vulnerabilities", - "capability_group": "value_chain.targeting", "status": "non_mappable", }, @@ -1882,7 +1765,6 @@ "references": None, "capability_description": "Knowledge of weaknesses other than vulnerability and misconfigurations used to pick an organization as a target", "capability_id": "value_chain.targeting.variety.Weaknesses", - "capability_group": "value_chain.targeting", "status": "non_mappable", }, @@ -1893,7 +1775,6 @@ "references": None, "capability_description": "No type of targeting was necessary. (This includes targeted.Targeted since the victim was chosen without targeting.", "capability_id": "value_chain.targeting.variety.NA", - "capability_group": "value_chain.targeting", "status": "non_mappable", }, @@ -1904,7 +1785,6 @@ "references": None, "capability_description": "The variety of targeting was known, but is not listed", "capability_id": "value_chain.targeting.variety.Other", - "capability_group": "value_chain.targeting", "status": "non_mappable", }, @@ -1915,7 +1795,6 @@ "references": None, "capability_description": "Nothing is known about the need for or type of targeting investment other than it was present.", "capability_id": "value_chain.targeting.variety.Unknown", - "capability_group": "value_chain.targeting", "status": "non_mappable", }, @@ -1926,7 +1805,6 @@ "references": None, "capability_description": "Distributed directly from the actor's computer", "capability_id": "value_chain.distribution.variety.Direct", - "capability_group": "value_chain.distribution", "status": "non_mappable", }, @@ -1937,7 +1815,6 @@ "references": None, "capability_description": "Distribution by email including anonymous/one time and spam", "capability_id": "value_chain.distribution.variety.Email", - "capability_group": "value_chain.distribution", "status": "non_mappable", }, @@ -1948,7 +1825,6 @@ "references": None, "capability_description": "malware that loads other malware", "capability_id": "value_chain.distribution.variety.Loader", - "capability_group": "value_chain.distribution", "status": "non_mappable", }, @@ -1959,7 +1835,6 @@ "references": None, "capability_description": "The actor distributed the attack to the victim through a partner, (i.e. supply chain attack).", "capability_id": "value_chain.distribution.variety.Partner", - "capability_group": "value_chain.distribution", "status": "non_mappable", }, @@ -1970,7 +1845,6 @@ "references": None, "capability_description": "Distribution over the Plain Old Telephone System (POTS).", "capability_id": "value_chain.distribution.variety.Phone", - "capability_group": "value_chain.distribution", "status": "non_mappable", }, @@ -1981,7 +1855,6 @@ "references": None, "capability_description": "No type of distribution was necessary", "capability_id": "value_chain.distribution.variety.NA", - "capability_group": "value_chain.distribution", "status": "non_mappable", }, @@ -1992,7 +1865,6 @@ "references": None, "capability_description": "", "capability_id": "attribute.confidentiality.data_disclosure", - "capability_group": "attribute.confidentiality", "status": "non_mappable", }, @@ -2020,7 +1892,7 @@ "attack_object_id": "T1059", "attack_object_name": "Name for T1059", "references": [], - "capability_description": "", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15243", "capability_group": "2019", "status": "complete", @@ -2030,7 +1902,7 @@ "attack_object_id": "T1190", "attack_object_name": "Name for T1190", "references": [], - "capability_description": "", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15243", "capability_group": "2019", "status": "complete", @@ -2040,7 +1912,7 @@ "attack_object_id": "T1078", "attack_object_name": "Name for T1078", "references": [], - "capability_description": "", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15243", "capability_group": "2019", "status": "complete", @@ -2050,7 +1922,7 @@ "attack_object_id": "T1068", "attack_object_name": "Name for T1068", "references": [], - "capability_description": "", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2019-15976", "capability_group": "2019", "status": "complete",