Skip to content

Commit

Permalink
Merge pull request #2582 from cisagov/DJ-universal-pull
Browse files Browse the repository at this point in the history
Allow vulns to be imported without a service
  • Loading branch information
DJensen94 authored Feb 29, 2024
2 parents 4caa4cf + f55029e commit b3bc06c
Showing 1 changed file with 33 additions and 29 deletions.
62 changes: 33 additions & 29 deletions backend/src/tasks/vuln-sync.ts
Original file line number Diff line number Diff line change
Expand Up @@ -189,35 +189,38 @@ export const handler = async (commandOptions: CommandOptions) => {
}

let serviceId;
try {
// Save discovered services to the Service table
[serviceId] = await saveServicesToDb([
plainToClass(Service, {
domain: { id: domainId },
discoveredBy: { id: commandOptions.scanId },
port: vuln.port,
lastSeen: new Date(vuln.last_seen),
banner:
vuln.banner == null ? null : sanitizeStringField(vuln.banner),
serviceSource: vuln.source,
shodanResults:
vuln.source === 'shodan'
? {
product: vuln.product,
version: vuln.version,
cpe: vuln.cpe
}
: {}
})
]);
console.log('Saved services.');
} catch (e) {
console.error(
'Could not save services. Continuing to next vulnerability.'
);
console.error(e);
continue;
if (vuln.port != null) {
try {
// Save discovered services to the Service table
[serviceId] = await saveServicesToDb([
plainToClass(Service, {
domain: { id: domainId },
discoveredBy: { id: commandOptions.scanId },
port: vuln.port,
lastSeen: new Date(vuln.last_seen),
banner:
vuln.banner == null ? null : sanitizeStringField(vuln.banner),
serviceSource: vuln.source,
shodanResults:
vuln.source === 'shodan'
? {
product: vuln.product,
version: vuln.version,
cpe: vuln.cpe
}
: {}
})
]);
console.log('Saved services.');
} catch (e) {
console.error(
'Could not save services. Continuing to next vulnerability.'
);
console.error(e);
continue;
}
}

try {
const vulns: Vulnerability[] = [];
vulns.push(
Expand All @@ -229,11 +232,12 @@ export const handler = async (commandOptions: CommandOptions) => {
cwe: vuln.cwe,
description: vuln.description,
cvss: vuln.cvss,
severity: vuln.severity,
state: vuln.state,
structuredData: vuln.structuredData,
source: vuln.source,
needsPopulation: vuln.needsPopulation,
service: { id: serviceId }
service: vuln.port == null ? null : { id: serviceId }
})
);
await saveVulnerabilitiesToDb(vulns, false);
Expand Down

0 comments on commit b3bc06c

Please sign in to comment.