From 2d45cd28e524ed10c49a0d4873fc53e11aeef91c Mon Sep 17 00:00:00 2001 From: Artur Ribeiro Date: Tue, 2 Jul 2024 15:35:43 +0100 Subject: [PATCH 1/3] add cwe infos to all cloudFormation queries --- .../aws/access_key_not_rotated_within_90_days/metadata.json | 2 +- .../aws/alb_is_not_integrated_with_waf/metadata.json | 2 +- .../cloudFormation/aws/alb_listening_on_http/metadata.json | 2 +- .../alexa_skill_plaintext_client_secret_exposed/metadata.json | 2 +- .../metadata.json | 2 +- .../aws/amazon_mq_broker_encryption_disabled/metadata.json | 2 +- .../aws/amplify_app_access_token_exposed/metadata.json | 2 +- .../metadata.json | 2 +- .../aws/amplify_app_oauth_token_exposed/metadata.json | 2 +- .../metadata.json | 2 +- .../aws/api_gateway_access_logging_disabled/metadata.json | 2 +- .../aws/api_gateway_cache_cluster_disabled/metadata.json | 2 +- .../aws/api_gateway_cache_encrypted_disabled/metadata.json | 2 +- .../metadata.json | 2 +- .../metadata.json | 2 +- .../api_gateway_endpoint_config_is_not_private/metadata.json | 2 +- .../metadata.json | 2 +- .../metadata.json | 2 +- .../aws/api_gateway_with_invalid_compression/metadata.json | 2 +- .../aws/api_gateway_with_open_access/metadata.json | 2 +- .../api_gateway_without_configured_authorizer/metadata.json | 2 +- .../aws/api_gateway_without_security_policy/metadata.json | 2 +- .../aws/api_gateway_without_ssl_certificate/metadata.json | 2 +- .../cloudFormation/aws/api_gateway_without_waf/metadata.json | 2 +- .../aws/api_gateway_xray_disabled/metadata.json | 2 +- .../auto_scaling_group_with_no_associated_elb/metadata.json | 2 +- .../aws/automatic_minor_upgrades_disabled/metadata.json | 2 +- .../metadata.json | 2 +- .../aws/cdn_configuration_is_missing/metadata.json | 2 +- .../metadata.json | 2 +- .../aws/cloudfront_logging_disabled/metadata.json | 2 +- .../metadata.json | 2 +- .../cloudfront_without_minimum_protocol_tls_1.2/metadata.json | 2 +- .../cloudFormation/aws/cloudfront_without_waf/metadata.json | 2 +- .../aws/cloudtrail_log_file_validation_disabled/metadata.json | 2 +- .../cloudtrail_log_files_not_encrypted_with_kms/metadata.json | 2 +- .../aws/cloudtrail_logging_disabled/metadata.json | 2 +- .../aws/cloudtrail_multi_region_disabled/metadata.json | 2 +- .../cloudtrail_not_integrated_with_cloudwatch/metadata.json | 2 +- .../aws/cloudtrail_sns_topic_name_undefined/metadata.json | 2 +- .../aws/cloudwatch_logging_disabled/metadata.json | 2 +- .../aws/cloudwatch_metrics_disabled/metadata.json | 2 +- .../queries/cloudFormation/aws/cmk_is_unusable/metadata.json | 2 +- .../cloudFormation/aws/cmk_rotation_disabled/metadata.json | 2 +- .../cloudFormation/aws/cmk_unencrypted_storage/metadata.json | 2 +- .../cloudFormation/aws/codebuild_not_encrypted/metadata.json | 2 +- .../aws/cognito_userpool_without_mfa/metadata.json | 2 +- .../metadata.json | 2 +- .../config_rule_for_encryption_volumes_disabled/metadata.json | 2 +- .../metadata.json | 2 +- .../metadata.json | 2 +- .../aws/db_security_group_open_to_large_scope/metadata.json | 2 +- .../aws/db_security_group_with_public_scope/metadata.json | 2 +- .../cloudFormation/aws/default_kms_key_usage/metadata.json | 2 +- .../metadata.json | 2 +- .../metadata.json | 2 +- .../metadata.json | 2 +- .../metadata.json | 2 +- .../aws/dms_endpoint_password_exposed/metadata.json | 2 +- .../docdb_cluster_master_password_in_plaintext/metadata.json | 2 +- .../cloudFormation/aws/docdb_logging_disabled/metadata.json | 2 +- .../aws/dynamodb_table_not_encrypted/metadata.json | 2 +- .../metadata.json | 3 ++- .../aws/dynamodb_with_aws_owned_cmk/metadata.json | 2 +- .../metadata.json | 2 +- .../test/positive_expected_result.json | 4 ++-- .../aws/ebs_volume_encryption_disabled/metadata.json | 2 +- .../aws/ebs_volume_not_attached_to_instances/metadata.json | 2 +- .../aws/ebs_volume_without_kms_key_id/metadata.json | 2 +- .../aws/ec2_instance_has_no_iam_role/metadata.json | 2 +- .../aws/ec2_instance_monitoring_disabled/metadata.json | 2 +- .../metadata.json | 2 +- .../ec2_instance_using_default_security_group/metadata.json | 2 +- .../aws/ec2_instance_using_default_vpc/metadata.json | 2 +- .../aws/ec2_network_acl_duplicate_rule/metadata.json | 2 +- .../ec2_network_acl_ineffective_denied_traffic/metadata.json | 2 +- .../aws/ec2_network_acl_overlapping_ports/metadata.json | 2 +- .../cloudFormation/aws/ec2_not_ebs_optimized/metadata.json | 2 +- .../aws/ec2_permissive_network_acl_protocols/metadata.json | 2 +- .../ec2_public_instance_exposed_through_subnet/metadata.json | 2 +- .../aws/ec2_sensitive_port_is_publicly_exposed/metadata.json | 2 +- .../aws/ecr_image_tag_not_immutable/metadata.json | 2 +- .../aws/ecr_repository_is_publicly_accessible/metadata.json | 2 +- .../aws/ecs_cluster_container_insights_disabled/metadata.json | 3 ++- .../aws/ecs_cluster_not_encrypted_at_rest/metadata.json | 2 +- .../aws/ecs_no_load_balancer_attached/metadata.json | 2 +- .../aws/ecs_service_admin_role_is_present/metadata.json | 2 +- .../aws/ecs_service_without_running_tasks/metadata.json | 2 +- .../aws/ecs_task_definition_healthcheck_missing/metadata.json | 2 +- .../ecs_task_definition_invalid_cpu_or_memory/metadata.json | 4 ++-- .../metadata.json | 2 +- .../cloudFormation/aws/efs_not_encrypted/metadata.json | 2 +- .../efs_volume_with_disabled_transit_encryption/metadata.json | 2 +- .../queries/cloudFormation/aws/efs_without_kms/metadata.json | 2 +- .../queries/cloudFormation/aws/efs_without_tags/metadata.json | 2 +- .../aws/eks_node_group_remote_access/metadata.json | 2 +- .../metadata.json | 2 +- .../aws/elasticache_using_default_port/metadata.json | 2 +- .../metadata.json | 2 +- .../metadata.json | 2 +- .../cloudFormation/aws/elasticache_without_vpc/metadata.json | 2 +- .../metadata.json | 2 +- .../aws/elasticsearch_logs_disabled/metadata.json | 2 +- .../aws/elasticsearch_not_encrypted_at_rest/metadata.json | 2 +- .../aws/elasticsearch_with_https_disabled/metadata.json | 2 +- .../elasticsearch_without_iam_authentication/metadata.json | 2 +- .../aws/elasticsearch_without_slow_logs/metadata.json | 2 +- .../cloudFormation/aws/elb_access_log_disabled/metadata.json | 2 +- .../metadata.json | 2 +- .../aws/elb_using_insecure_protocols/metadata.json | 2 +- .../cloudFormation/aws/elb_using_weak_ciphers/metadata.json | 2 +- .../aws/elb_v2_alb_access_log_disabled/metadata.json | 2 +- .../metadata.json | 2 +- .../metadata.json | 2 +- .../aws/elb_without_secure_protocol/metadata.json | 2 +- .../metadata.json | 2 +- .../emr_cluster_without_security_configuration/metadata.json | 2 +- .../metadata.json | 2 +- .../queries/cloudFormation/aws/emr_wihout_vpc/metadata.json | 2 +- .../cloudFormation/aws/fully_open_ingress/metadata.json | 2 +- .../metadata.json | 2 +- .../cloudFormation/aws/geo_restriction_disabled/metadata.json | 2 +- .../aws/github_repository_set_to_public/metadata.json | 2 +- .../aws/guardduty_detector_disabled/metadata.json | 2 +- .../aws/hardcoded_aws_access_key_in_lambda/metadata.json | 2 +- .../queries/cloudFormation/aws/http_port_open/metadata.json | 2 +- .../aws/iam_access_analyzer_not_enabled/metadata.json | 2 +- .../aws/iam_database_auth_not_enabled/metadata.json | 2 +- .../cloudFormation/aws/iam_group_without_users/metadata.json | 2 +- .../aws/iam_groups_inline_policies/metadata.json | 2 +- .../aws/iam_managed_policy_applied_to_a_user/metadata.json | 2 +- .../aws/iam_password_without_minimum_length/metadata.json | 2 +- .../aws/iam_policies_attached_to_user/metadata.json | 2 +- .../aws/iam_policies_with_full_privileges/metadata.json | 2 +- .../aws/iam_policies_without_groups/metadata.json | 2 +- .../metadata.json | 2 +- .../aws/iam_policy_grants_full_permissions/metadata.json | 2 +- .../cloudFormation/aws/iam_policy_on_user/metadata.json | 2 +- .../iam_role_allows_all_principals_to_assume/metadata.json | 2 +- .../metadata.json | 2 +- .../aws/iam_user_too_many_access_keys/metadata.json | 2 +- .../cloudFormation/aws/iam_user_with_no_group/metadata.json | 2 +- .../inline_policies_are_attached_to_ecs_service/metadata.json | 2 +- .../cloudFormation/aws/instance_with_no_vpc/metadata.json | 2 +- .../aws/iot_policy_allows_action_as_wildcard/metadata.json | 2 +- .../aws/iot_policy_allows_wildcard_resource/metadata.json | 2 +- .../aws/kinesis_sse_not_configured/metadata.json | 2 +- .../aws/kms_allows_wildcard_principal/metadata.json | 2 +- .../aws/kms_enable_key_rotation_disabled/metadata.json | 2 +- .../aws/kms_key_with_full_permissions/metadata.json | 2 +- .../lambda_function_without_dead_letter_queue/metadata.json | 2 +- .../aws/lambda_function_without_tags/metadata.json | 2 +- .../aws/lambda_functions_with_full_privileges/metadata.json | 2 +- .../lambda_functions_without_unique_iam_roles/metadata.json | 2 +- .../aws/lambda_functions_without_x-ray_tracing/metadata.json | 2 +- .../aws/lambda_permission_misconfigured/metadata.json | 2 +- .../aws/lambda_permission_principal_is_wildcard/metadata.json | 2 +- .../aws/low_rds_backup_retention_period/metadata.json | 2 +- .../aws/mq_broker_is_publicly_accessible/metadata.json | 2 +- .../aws/mq_broker_logging_disabled/metadata.json | 2 +- .../aws/msk_broker_is_publicly_accessible/metadata.json | 2 +- .../aws/msk_cluster_encryption_disabled/metadata.json | 2 +- .../aws/msk_cluster_logging_disabled/metadata.json | 2 +- .../metadata.json | 2 +- .../metadata.json | 2 +- .../aws/public_lambda_via_api_gateway/metadata.json | 2 +- .../aws/rds_associated_with_public_subnet/metadata.json | 2 +- .../aws/rds_db_instance_publicly_accessible/metadata.json | 2 +- .../metadata.json | 2 +- .../aws/rds_multi_az_deployment_disabled/metadata.json | 2 +- .../aws/rds_storage_encryption_disabled/metadata.json | 2 +- .../aws/rds_storage_not_encrypted/metadata.json | 2 +- .../cloudFormation/aws/rds_using_default_port/metadata.json | 2 +- .../cloudFormation/aws/rds_with_backup_disabled/metadata.json | 2 +- .../aws/redshift_cluster_logging_disabled/metadata.json | 2 +- .../aws/redshift_cluster_without_kms_cmk/metadata.json | 2 +- .../cloudFormation/aws/redshift_not_encrypted/metadata.json | 2 +- .../aws/redshift_publicly_accessible/metadata.json | 2 +- .../aws/redshift_using_default_port/metadata.json | 2 +- .../cloudFormation/aws/refresh_token_is_exposed/metadata.json | 2 +- .../aws/remote_desktop_port_open_to_internet/metadata.json | 2 +- .../aws/root_account_has_active_access_keys/metadata.json | 2 +- .../cloudFormation/aws/route53_record_undefined/metadata.json | 2 +- .../aws/routertable_with_default_routing/metadata.json | 2 +- .../aws/s3_bucket_access_to_any_principal/metadata.json | 2 +- .../metadata.json | 2 +- .../aws/s3_bucket_acl_allows_read_to_all_users/metadata.json | 2 +- .../metadata.json | 2 +- .../metadata.json | 2 +- .../metadata.json | 2 +- .../metadata.json | 2 +- .../aws/s3_bucket_allows_public_acl/metadata.json | 2 +- .../metadata.json | 2 +- .../metadata.json | 2 +- .../aws/s3_bucket_cloudtrail_logging_disabled/metadata.json | 2 +- .../aws/s3_bucket_logging_disabled/metadata.json | 2 +- .../aws/s3_bucket_should_have_bucket_policy/metadata.json | 2 +- .../aws/s3_bucket_with_all_permissions/metadata.json | 2 +- .../aws/s3_bucket_with_public_policy/metadata.json | 2 +- .../aws/s3_bucket_with_unsecured_cors_rule/metadata.json | 2 +- .../aws/s3_bucket_without_ignore_public_acl/metadata.json | 2 +- .../metadata.json | 2 +- .../s3_bucket_without_server_side_encryption/metadata.json | 2 +- .../aws/s3_bucket_without_ssl_in_write_actions/metadata.json | 2 +- .../aws/s3_bucket_without_versioning/metadata.json | 2 +- .../aws/s3_static_website_host_enabled/metadata.json | 2 +- .../aws/sagemaker_data_encryption_disabled/metadata.json | 2 +- .../aws/sagemaker_enabling_internet_access/metadata.json | 2 +- .../metadata.json | 2 +- .../aws/sagemaker_notebook_not_placed_in_vpc/metadata.json | 2 +- .../aws/sdb_domain_declared_as_a_resource/metadata.json | 2 +- .../secrets_manager_should_specify_kms_key_id/metadata.json | 2 +- .../cloudFormation/aws/secure_ciphers_disabled/metadata.json | 2 +- .../security_group_egress_cidr_open_to_world/metadata.json | 2 +- .../security_group_egress_with_all_protocols/metadata.json | 2 +- .../aws/security_group_egress_with_port_range/metadata.json | 2 +- .../metadata.json | 2 +- .../security_group_ingress_with_all_protocols/metadata.json | 2 +- .../aws/security_group_ingress_with_port_range/metadata.json | 2 +- .../aws/security_group_rule_without_description/metadata.json | 2 +- .../metadata.json | 2 +- .../security_groups_unrestricted_access_to_rdp/metadata.json | 2 +- .../security_groups_with_exhibited_admin_ports/metadata.json | 2 +- .../aws/security_groups_with_meta_ip/metadata.json | 2 +- .../metadata.json | 2 +- .../aws/security_groups_without_vpc_attached/metadata.json | 2 +- .../aws/shield_advanced_not_in_use/metadata.json | 2 +- .../aws/sns_topic_is_publicly_accessible/metadata.json | 2 +- .../metadata.json | 2 +- .../aws/sns_topic_without_kms_master_key_id/metadata.json | 2 +- .../aws/sqs_policy_with_public_access/metadata.json | 2 +- .../cloudFormation/aws/sqs_with_sse_disabled/metadata.json | 2 +- .../aws/stack_notifications_disabled/metadata.json | 2 +- .../cloudFormation/aws/stack_retention_disabled/metadata.json | 2 +- .../aws/support_has_no_role_associated/metadata.json | 2 +- .../metadata.json | 2 +- .../aws/unknown_port_exposed_to_internet/metadata.json | 2 +- .../aws/unrestricted_security_group_ingress/metadata.json | 2 +- .../cloudFormation/aws/unscanned_ecr_image/metadata.json | 2 +- .../aws/user_data_contains_encoded_private_key/metadata.json | 2 +- .../user_iam_missing_password_reset_required/metadata.json | 2 +- .../aws/vpc_attached_with_too_many_gateways/metadata.json | 2 +- .../cloudFormation/aws/vpc_flowlogs_disabled/metadata.json | 2 +- .../aws/vpc_without_attached_subnet/metadata.json | 2 +- .../aws/vpc_without_network_firewall/metadata.json | 2 +- .../aws/vulnerable_default_ssl_certificate/metadata.json | 2 +- .../aws/webacl_allow_defaultaction/metadata.json | 2 +- .../aws/wildcard_in_acm_certificate_domain_name/metadata.json | 2 +- .../aws/workspace_without_encryption/metadata.json | 2 +- assets/queries/cloudFormation/aws_bom/cassandra/metadata.json | 2 +- assets/queries/cloudFormation/aws_bom/dynamo/metadata.json | 2 +- assets/queries/cloudFormation/aws_bom/ebs/metadata.json | 2 +- assets/queries/cloudFormation/aws_bom/efs/metadata.json | 2 +- .../queries/cloudFormation/aws_bom/elasticache/metadata.json | 2 +- assets/queries/cloudFormation/aws_bom/kinesis/metadata.json | 2 +- assets/queries/cloudFormation/aws_bom/mq/metadata.json | 2 +- assets/queries/cloudFormation/aws_bom/msk/metadata.json | 2 +- assets/queries/cloudFormation/aws_bom/rds/metadata.json | 2 +- assets/queries/cloudFormation/aws_bom/s3_bucket/metadata.json | 2 +- assets/queries/cloudFormation/aws_bom/sns/metadata.json | 2 +- assets/queries/cloudFormation/aws_bom/sqs/metadata.json | 2 +- .../metadata.json | 2 +- .../serverless_api_cache_cluster_disabled/metadata.json | 2 +- .../serverless_api_endpoint_config_not_private/metadata.json | 2 +- .../serverless_api_without_content_encoding/metadata.json | 2 +- .../serverless_api_xray_tracing_disabled/metadata.json | 2 +- .../metadata.json | 2 +- .../metadata.json | 2 +- .../aws_sam/serverless_function_without_tags/metadata.json | 2 +- .../serverless_function_without_unique_iam_role/metadata.json | 2 +- .../serverless_function_without_x-ray_tracing/metadata.json | 2 +- 271 files changed, 275 insertions(+), 273 deletions(-) diff --git a/assets/queries/cloudFormation/aws/access_key_not_rotated_within_90_days/metadata.json b/assets/queries/cloudFormation/aws/access_key_not_rotated_within_90_days/metadata.json index a80a67ffe7d..94c51fdb33d 100644 --- a/assets/queries/cloudFormation/aws/access_key_not_rotated_within_90_days/metadata.json +++ b/assets/queries/cloudFormation/aws/access_key_not_rotated_within_90_days/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "148d40cb", "cloudProvider": "aws", - "cwe": "" + "cwe": "522" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/alb_is_not_integrated_with_waf/metadata.json b/assets/queries/cloudFormation/aws/alb_is_not_integrated_with_waf/metadata.json index 417c0b43328..26994dc3208 100644 --- a/assets/queries/cloudFormation/aws/alb_is_not_integrated_with_waf/metadata.json +++ b/assets/queries/cloudFormation/aws/alb_is_not_integrated_with_waf/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "2cad71a7", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/alb_listening_on_http/metadata.json b/assets/queries/cloudFormation/aws/alb_listening_on_http/metadata.json index 498d2bbeb36..2e274009cb0 100644 --- a/assets/queries/cloudFormation/aws/alb_listening_on_http/metadata.json +++ b/assets/queries/cloudFormation/aws/alb_listening_on_http/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "55f05412", "cloudProvider": "aws", - "cwe": "", + "cwe": "319", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/alexa_skill_plaintext_client_secret_exposed/metadata.json b/assets/queries/cloudFormation/aws/alexa_skill_plaintext_client_secret_exposed/metadata.json index 363b9276287..f5e1c48597a 100644 --- a/assets/queries/cloudFormation/aws/alexa_skill_plaintext_client_secret_exposed/metadata.json +++ b/assets/queries/cloudFormation/aws/alexa_skill_plaintext_client_secret_exposed/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "cd21865c", "cloudProvider": "aws", - "cwe": "" + "cwe": "256" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/amazon_dms_replication_instance_is_publicly_accessible/metadata.json b/assets/queries/cloudFormation/aws/amazon_dms_replication_instance_is_publicly_accessible/metadata.json index 43a39e158d4..3771dcc43de 100644 --- a/assets/queries/cloudFormation/aws/amazon_dms_replication_instance_is_publicly_accessible/metadata.json +++ b/assets/queries/cloudFormation/aws/amazon_dms_replication_instance_is_publicly_accessible/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "bc97aed1", "cloudProvider": "aws", - "cwe": "", + "cwe": "284", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/amazon_mq_broker_encryption_disabled/metadata.json b/assets/queries/cloudFormation/aws/amazon_mq_broker_encryption_disabled/metadata.json index 221ca1a888e..db095af5418 100644 --- a/assets/queries/cloudFormation/aws/amazon_mq_broker_encryption_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/amazon_mq_broker_encryption_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "c5d562da", "cloudProvider": "aws", - "cwe": "", + "cwe": "311", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/amplify_app_access_token_exposed/metadata.json b/assets/queries/cloudFormation/aws/amplify_app_access_token_exposed/metadata.json index ceac1065923..54c6968b364 100644 --- a/assets/queries/cloudFormation/aws/amplify_app_access_token_exposed/metadata.json +++ b/assets/queries/cloudFormation/aws/amplify_app_access_token_exposed/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "40717425", "cloudProvider": "aws", - "cwe": "", + "cwe": "798", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/amplify_app_basic_auth_config_password_exposed/metadata.json b/assets/queries/cloudFormation/aws/amplify_app_basic_auth_config_password_exposed/metadata.json index 87615b7682d..1108136987d 100644 --- a/assets/queries/cloudFormation/aws/amplify_app_basic_auth_config_password_exposed/metadata.json +++ b/assets/queries/cloudFormation/aws/amplify_app_basic_auth_config_password_exposed/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "20573b94", "cloudProvider": "aws", - "cwe": "", + "cwe": "798", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/amplify_app_oauth_token_exposed/metadata.json b/assets/queries/cloudFormation/aws/amplify_app_oauth_token_exposed/metadata.json index 7c42484d577..97dea205915 100644 --- a/assets/queries/cloudFormation/aws/amplify_app_oauth_token_exposed/metadata.json +++ b/assets/queries/cloudFormation/aws/amplify_app_oauth_token_exposed/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "c9abb2c8", "cloudProvider": "aws", - "cwe": "", + "cwe": "798", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/amplify_branch_basic_auth_config_password_exposed/metadata.json b/assets/queries/cloudFormation/aws/amplify_branch_basic_auth_config_password_exposed/metadata.json index ac064db9291..d708a52f66a 100644 --- a/assets/queries/cloudFormation/aws/amplify_branch_basic_auth_config_password_exposed/metadata.json +++ b/assets/queries/cloudFormation/aws/amplify_branch_basic_auth_config_password_exposed/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "f68a0ad6", "cloudProvider": "aws", - "cwe": "", + "cwe": "256", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/api_gateway_access_logging_disabled/metadata.json b/assets/queries/cloudFormation/aws/api_gateway_access_logging_disabled/metadata.json index 0e6a78bd9f8..455f5a1ca0e 100644 --- a/assets/queries/cloudFormation/aws/api_gateway_access_logging_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/api_gateway_access_logging_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "2a69fc63", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/api_gateway_cache_cluster_disabled/metadata.json b/assets/queries/cloudFormation/aws/api_gateway_cache_cluster_disabled/metadata.json index 975377a772b..b8a02c9b2da 100644 --- a/assets/queries/cloudFormation/aws/api_gateway_cache_cluster_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/api_gateway_cache_cluster_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "c5c1c902", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/api_gateway_cache_encrypted_disabled/metadata.json b/assets/queries/cloudFormation/aws/api_gateway_cache_encrypted_disabled/metadata.json index e8ead2b1865..e8a18734732 100644 --- a/assets/queries/cloudFormation/aws/api_gateway_cache_encrypted_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/api_gateway_cache_encrypted_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "16f89b5d", "cloudProvider": "aws", - "cwe": "" + "cwe": "316" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/api_gateway_deployment_without_access_log_setting/metadata.json b/assets/queries/cloudFormation/aws/api_gateway_deployment_without_access_log_setting/metadata.json index 54ac21232fe..6920af81ce6 100644 --- a/assets/queries/cloudFormation/aws/api_gateway_deployment_without_access_log_setting/metadata.json +++ b/assets/queries/cloudFormation/aws/api_gateway_deployment_without_access_log_setting/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "9587628c", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/api_gateway_deployment_without_api_gateway_usage_plan_associated/metadata.json b/assets/queries/cloudFormation/aws/api_gateway_deployment_without_api_gateway_usage_plan_associated/metadata.json index 465aaf30345..00bc2b58e2e 100644 --- a/assets/queries/cloudFormation/aws/api_gateway_deployment_without_api_gateway_usage_plan_associated/metadata.json +++ b/assets/queries/cloudFormation/aws/api_gateway_deployment_without_api_gateway_usage_plan_associated/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "8161e665", "cloudProvider": "aws", - "cwe": "" + "cwe": "770" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/api_gateway_endpoint_config_is_not_private/metadata.json b/assets/queries/cloudFormation/aws/api_gateway_endpoint_config_is_not_private/metadata.json index 4515db6534a..d30bf030e05 100644 --- a/assets/queries/cloudFormation/aws/api_gateway_endpoint_config_is_not_private/metadata.json +++ b/assets/queries/cloudFormation/aws/api_gateway_endpoint_config_is_not_private/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "f370d030", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/api_gateway_method_does_not_contains_an_api_key/metadata.json b/assets/queries/cloudFormation/aws/api_gateway_method_does_not_contains_an_api_key/metadata.json index b348049087e..7163dfe0f2a 100644 --- a/assets/queries/cloudFormation/aws/api_gateway_method_does_not_contains_an_api_key/metadata.json +++ b/assets/queries/cloudFormation/aws/api_gateway_method_does_not_contains_an_api_key/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "43a06e88", "cloudProvider": "aws", - "cwe": "" + "cwe": "285" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/api_gateway_stage_without_api_gateway_usage_plan_associated/metadata.json b/assets/queries/cloudFormation/aws/api_gateway_stage_without_api_gateway_usage_plan_associated/metadata.json index d21c5a34fea..6df0ccb83a8 100644 --- a/assets/queries/cloudFormation/aws/api_gateway_stage_without_api_gateway_usage_plan_associated/metadata.json +++ b/assets/queries/cloudFormation/aws/api_gateway_stage_without_api_gateway_usage_plan_associated/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "ad012827", "cloudProvider": "aws", - "cwe": "" + "cwe": "770" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/api_gateway_with_invalid_compression/metadata.json b/assets/queries/cloudFormation/aws/api_gateway_with_invalid_compression/metadata.json index 5c2c0e1a2c8..e443026b47b 100644 --- a/assets/queries/cloudFormation/aws/api_gateway_with_invalid_compression/metadata.json +++ b/assets/queries/cloudFormation/aws/api_gateway_with_invalid_compression/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "de76ae0f", "cloudProvider": "aws", - "cwe": "", + "cwe": "311", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/api_gateway_with_open_access/metadata.json b/assets/queries/cloudFormation/aws/api_gateway_with_open_access/metadata.json index e99012bde88..25f9ec327cd 100644 --- a/assets/queries/cloudFormation/aws/api_gateway_with_open_access/metadata.json +++ b/assets/queries/cloudFormation/aws/api_gateway_with_open_access/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "d8d6ab46", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/api_gateway_without_configured_authorizer/metadata.json b/assets/queries/cloudFormation/aws/api_gateway_without_configured_authorizer/metadata.json index 50bdf7232fa..d810e115767 100644 --- a/assets/queries/cloudFormation/aws/api_gateway_without_configured_authorizer/metadata.json +++ b/assets/queries/cloudFormation/aws/api_gateway_without_configured_authorizer/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "5734fbc7", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/api_gateway_without_security_policy/metadata.json b/assets/queries/cloudFormation/aws/api_gateway_without_security_policy/metadata.json index 65ae2129b17..9d030e964ef 100644 --- a/assets/queries/cloudFormation/aws/api_gateway_without_security_policy/metadata.json +++ b/assets/queries/cloudFormation/aws/api_gateway_without_security_policy/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "92418e29", "cloudProvider": "aws", - "cwe": "", + "cwe": "311", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/api_gateway_without_ssl_certificate/metadata.json b/assets/queries/cloudFormation/aws/api_gateway_without_ssl_certificate/metadata.json index 41ac31ec595..a98e96e76a7 100644 --- a/assets/queries/cloudFormation/aws/api_gateway_without_ssl_certificate/metadata.json +++ b/assets/queries/cloudFormation/aws/api_gateway_without_ssl_certificate/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "95c8b13a", "cloudProvider": "aws", - "cwe": "" + "cwe": "295" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/api_gateway_without_waf/metadata.json b/assets/queries/cloudFormation/aws/api_gateway_without_waf/metadata.json index 403e932234d..3912939b592 100644 --- a/assets/queries/cloudFormation/aws/api_gateway_without_waf/metadata.json +++ b/assets/queries/cloudFormation/aws/api_gateway_without_waf/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "774d759c", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/api_gateway_xray_disabled/metadata.json b/assets/queries/cloudFormation/aws/api_gateway_xray_disabled/metadata.json index b31a20ac0ac..ebe635b5f43 100644 --- a/assets/queries/cloudFormation/aws/api_gateway_xray_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/api_gateway_xray_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "7db1d7b0", "cloudProvider": "aws", - "cwe": "", + "cwe": "778", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/auto_scaling_group_with_no_associated_elb/metadata.json b/assets/queries/cloudFormation/aws/auto_scaling_group_with_no_associated_elb/metadata.json index 58bb765c59b..5988971e400 100644 --- a/assets/queries/cloudFormation/aws/auto_scaling_group_with_no_associated_elb/metadata.json +++ b/assets/queries/cloudFormation/aws/auto_scaling_group_with_no_associated_elb/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "99966f58", "cloudProvider": "aws", - "cwe": "" + "cwe": "400" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/automatic_minor_upgrades_disabled/metadata.json b/assets/queries/cloudFormation/aws/automatic_minor_upgrades_disabled/metadata.json index 3bbac06ea1a..8ca3bc5661f 100644 --- a/assets/queries/cloudFormation/aws/automatic_minor_upgrades_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/automatic_minor_upgrades_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "e2908402", "cloudProvider": "aws", - "cwe": "" + "cwe": "710" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/batch_job_definition_with_privileged_container_properties/metadata.json b/assets/queries/cloudFormation/aws/batch_job_definition_with_privileged_container_properties/metadata.json index ec66a61e155..1170c81933d 100644 --- a/assets/queries/cloudFormation/aws/batch_job_definition_with_privileged_container_properties/metadata.json +++ b/assets/queries/cloudFormation/aws/batch_job_definition_with_privileged_container_properties/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "c8983ada", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cdn_configuration_is_missing/metadata.json b/assets/queries/cloudFormation/aws/cdn_configuration_is_missing/metadata.json index 90541a2cd6d..b613da47504 100644 --- a/assets/queries/cloudFormation/aws/cdn_configuration_is_missing/metadata.json +++ b/assets/queries/cloudFormation/aws/cdn_configuration_is_missing/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "6a8090b9", "cloudProvider": "aws", - "cwe": "" + "cwe": "710" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cloudformation_specifying_credentials_not_safe/metadata.json b/assets/queries/cloudFormation/aws/cloudformation_specifying_credentials_not_safe/metadata.json index 93885b5f21c..5138614017f 100644 --- a/assets/queries/cloudFormation/aws/cloudformation_specifying_credentials_not_safe/metadata.json +++ b/assets/queries/cloudFormation/aws/cloudformation_specifying_credentials_not_safe/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "694c6fa8", "cloudProvider": "aws", - "cwe": "", + "cwe": "311", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cloudfront_logging_disabled/metadata.json b/assets/queries/cloudFormation/aws/cloudfront_logging_disabled/metadata.json index 351eff1bb0d..21121cfddec 100644 --- a/assets/queries/cloudFormation/aws/cloudfront_logging_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/cloudfront_logging_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "3254d6d0", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cloudfront_viewer_protocol_policy_allows_http/metadata.json b/assets/queries/cloudFormation/aws/cloudfront_viewer_protocol_policy_allows_http/metadata.json index 7afbf7bf164..c6d03669f71 100644 --- a/assets/queries/cloudFormation/aws/cloudfront_viewer_protocol_policy_allows_http/metadata.json +++ b/assets/queries/cloudFormation/aws/cloudfront_viewer_protocol_policy_allows_http/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "bf860aba", "cloudProvider": "aws", - "cwe": "", + "cwe": "319", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cloudfront_without_minimum_protocol_tls_1.2/metadata.json b/assets/queries/cloudFormation/aws/cloudfront_without_minimum_protocol_tls_1.2/metadata.json index 8029e5e25f8..0e4069187c9 100644 --- a/assets/queries/cloudFormation/aws/cloudfront_without_minimum_protocol_tls_1.2/metadata.json +++ b/assets/queries/cloudFormation/aws/cloudfront_without_minimum_protocol_tls_1.2/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "e86728bc", "cloudProvider": "aws", - "cwe": "", + "cwe": "311", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cloudfront_without_waf/metadata.json b/assets/queries/cloudFormation/aws/cloudfront_without_waf/metadata.json index 2778366e2bb..d2ca68de56d 100644 --- a/assets/queries/cloudFormation/aws/cloudfront_without_waf/metadata.json +++ b/assets/queries/cloudFormation/aws/cloudfront_without_waf/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "fae904ce", "cloudProvider": "aws", - "cwe": "", + "cwe": "778", "oldSeverity": "LOW" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cloudtrail_log_file_validation_disabled/metadata.json b/assets/queries/cloudFormation/aws/cloudtrail_log_file_validation_disabled/metadata.json index 351d5e47f76..3b1631aab46 100644 --- a/assets/queries/cloudFormation/aws/cloudtrail_log_file_validation_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/cloudtrail_log_file_validation_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "66ab1b20", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_kms/metadata.json b/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_kms/metadata.json index 541db243af5..8bc009624e5 100644 --- a/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_kms/metadata.json +++ b/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_kms/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "cdc07a23", "cloudProvider": "aws", - "cwe": "", + "cwe": "311", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cloudtrail_logging_disabled/metadata.json b/assets/queries/cloudFormation/aws/cloudtrail_logging_disabled/metadata.json index 0282131c89f..e86690142e6 100644 --- a/assets/queries/cloudFormation/aws/cloudtrail_logging_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/cloudtrail_logging_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "8cabc568", "cloudProvider": "aws", - "cwe": "", + "cwe": "778", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cloudtrail_multi_region_disabled/metadata.json b/assets/queries/cloudFormation/aws/cloudtrail_multi_region_disabled/metadata.json index c73af6b140c..32e229f245c 100644 --- a/assets/queries/cloudFormation/aws/cloudtrail_multi_region_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/cloudtrail_multi_region_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "34ddc2cb", "cloudProvider": "aws", - "cwe": "", + "cwe": "778", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cloudtrail_not_integrated_with_cloudwatch/metadata.json b/assets/queries/cloudFormation/aws/cloudtrail_not_integrated_with_cloudwatch/metadata.json index 003c7593fb8..c75fc69e887 100644 --- a/assets/queries/cloudFormation/aws/cloudtrail_not_integrated_with_cloudwatch/metadata.json +++ b/assets/queries/cloudFormation/aws/cloudtrail_not_integrated_with_cloudwatch/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "f43ba695", "cloudProvider": "aws", - "cwe": "", + "cwe": "778", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cloudtrail_sns_topic_name_undefined/metadata.json b/assets/queries/cloudFormation/aws/cloudtrail_sns_topic_name_undefined/metadata.json index cd0b6df2001..80878cdfb68 100644 --- a/assets/queries/cloudFormation/aws/cloudtrail_sns_topic_name_undefined/metadata.json +++ b/assets/queries/cloudFormation/aws/cloudtrail_sns_topic_name_undefined/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "69327f38", "cloudProvider": "aws", - "cwe": "", + "cwe": "778", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cloudwatch_logging_disabled/metadata.json b/assets/queries/cloudFormation/aws/cloudwatch_logging_disabled/metadata.json index 78a30999339..8d8c8445599 100644 --- a/assets/queries/cloudFormation/aws/cloudwatch_logging_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/cloudwatch_logging_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "617aba8a", "cloudProvider": "aws", - "cwe": "" + "cwe": "779" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cloudwatch_metrics_disabled/metadata.json b/assets/queries/cloudFormation/aws/cloudwatch_metrics_disabled/metadata.json index 158972137ac..a7a41c8cdd7 100644 --- a/assets/queries/cloudFormation/aws/cloudwatch_metrics_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/cloudwatch_metrics_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "72a550b1", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cmk_is_unusable/metadata.json b/assets/queries/cloudFormation/aws/cmk_is_unusable/metadata.json index 1617ac66ca3..670e3bc2233 100644 --- a/assets/queries/cloudFormation/aws/cmk_is_unusable/metadata.json +++ b/assets/queries/cloudFormation/aws/cmk_is_unusable/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "2e00cfbb", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cmk_rotation_disabled/metadata.json b/assets/queries/cloudFormation/aws/cmk_rotation_disabled/metadata.json index 85671140049..744f8787ffd 100644 --- a/assets/queries/cloudFormation/aws/cmk_rotation_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/cmk_rotation_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "64ffeb9f", "cloudProvider": "aws", - "cwe": "", + "cwe": "284", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cmk_unencrypted_storage/metadata.json b/assets/queries/cloudFormation/aws/cmk_unencrypted_storage/metadata.json index 78c162fdfdd..91b22c4dd2a 100644 --- a/assets/queries/cloudFormation/aws/cmk_unencrypted_storage/metadata.json +++ b/assets/queries/cloudFormation/aws/cmk_unencrypted_storage/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "ba38e42e", "cloudProvider": "aws", - "cwe": "" + "cwe": "312" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/codebuild_not_encrypted/metadata.json b/assets/queries/cloudFormation/aws/codebuild_not_encrypted/metadata.json index f6fa4f0ad07..15138ca3e75 100644 --- a/assets/queries/cloudFormation/aws/codebuild_not_encrypted/metadata.json +++ b/assets/queries/cloudFormation/aws/codebuild_not_encrypted/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "3e1306b1", "cloudProvider": "aws", - "cwe": "" + "cwe": "311" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cognito_userpool_without_mfa/metadata.json b/assets/queries/cloudFormation/aws/cognito_userpool_without_mfa/metadata.json index 11228780181..51d2b61c46b 100644 --- a/assets/queries/cloudFormation/aws/cognito_userpool_without_mfa/metadata.json +++ b/assets/queries/cloudFormation/aws/cognito_userpool_without_mfa/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "32d91e4e", "cloudProvider": "aws", - "cwe": "", + "cwe": "710", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/config_configuration_aggregator_to_all_regions_disabled/metadata.json b/assets/queries/cloudFormation/aws/config_configuration_aggregator_to_all_regions_disabled/metadata.json index 0ca2354f058..16f6a71f760 100644 --- a/assets/queries/cloudFormation/aws/config_configuration_aggregator_to_all_regions_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/config_configuration_aggregator_to_all_regions_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "fb6e5346", "cloudProvider": "aws", - "cwe": "", + "cwe": "710", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/config_rule_for_encryption_volumes_disabled/metadata.json b/assets/queries/cloudFormation/aws/config_rule_for_encryption_volumes_disabled/metadata.json index fa8f5290466..8d26b20f85d 100644 --- a/assets/queries/cloudFormation/aws/config_rule_for_encryption_volumes_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/config_rule_for_encryption_volumes_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "d0026f39", "cloudProvider": "aws", - "cwe": "", + "cwe": "311", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/connection_between_cloudfront_origin_not_encrypted/metadata.json b/assets/queries/cloudFormation/aws/connection_between_cloudfront_origin_not_encrypted/metadata.json index a4dbfb76575..26459cbf2cd 100644 --- a/assets/queries/cloudFormation/aws/connection_between_cloudfront_origin_not_encrypted/metadata.json +++ b/assets/queries/cloudFormation/aws/connection_between_cloudfront_origin_not_encrypted/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "5e31354c", "cloudProvider": "aws", - "cwe": "", + "cwe": "319", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/cross_account_iam_assume_role_policy_without_external_id_or_mfa/metadata.json b/assets/queries/cloudFormation/aws/cross_account_iam_assume_role_policy_without_external_id_or_mfa/metadata.json index 80ed538ab0c..95d0809ede6 100644 --- a/assets/queries/cloudFormation/aws/cross_account_iam_assume_role_policy_without_external_id_or_mfa/metadata.json +++ b/assets/queries/cloudFormation/aws/cross_account_iam_assume_role_policy_without_external_id_or_mfa/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "8fca679f", "cloudProvider": "aws", - "cwe": "", + "cwe": "284", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/db_security_group_open_to_large_scope/metadata.json b/assets/queries/cloudFormation/aws/db_security_group_open_to_large_scope/metadata.json index da782457c9a..7277e33f7b1 100644 --- a/assets/queries/cloudFormation/aws/db_security_group_open_to_large_scope/metadata.json +++ b/assets/queries/cloudFormation/aws/db_security_group_open_to_large_scope/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "feeb965a", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/db_security_group_with_public_scope/metadata.json b/assets/queries/cloudFormation/aws/db_security_group_with_public_scope/metadata.json index 1b97ffbc080..e1434a9147e 100644 --- a/assets/queries/cloudFormation/aws/db_security_group_with_public_scope/metadata.json +++ b/assets/queries/cloudFormation/aws/db_security_group_with_public_scope/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "3ddca0cc", "cloudProvider": "aws", - "cwe": "", + "cwe": "668", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/default_kms_key_usage/metadata.json b/assets/queries/cloudFormation/aws/default_kms_key_usage/metadata.json index 0396226d3a3..bc718aac695 100644 --- a/assets/queries/cloudFormation/aws/default_kms_key_usage/metadata.json +++ b/assets/queries/cloudFormation/aws/default_kms_key_usage/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "d479130b", "cloudProvider": "aws", - "cwe": "" + "cwe": "311" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/default_security_groups_with_unrestricted_traffic/metadata.json b/assets/queries/cloudFormation/aws/default_security_groups_with_unrestricted_traffic/metadata.json index dd3782dbd23..8fd4fa0973d 100644 --- a/assets/queries/cloudFormation/aws/default_security_groups_with_unrestricted_traffic/metadata.json +++ b/assets/queries/cloudFormation/aws/default_security_groups_with_unrestricted_traffic/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "50b0269e", "cloudProvider": "aws", - "cwe": "" + "cwe": "200" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/directory_service_microsoft_ad_password_set_to_plaintext_or_default_ref/metadata.json b/assets/queries/cloudFormation/aws/directory_service_microsoft_ad_password_set_to_plaintext_or_default_ref/metadata.json index 87dcd7aabaa..35e14b9359e 100644 --- a/assets/queries/cloudFormation/aws/directory_service_microsoft_ad_password_set_to_plaintext_or_default_ref/metadata.json +++ b/assets/queries/cloudFormation/aws/directory_service_microsoft_ad_password_set_to_plaintext_or_default_ref/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "98a72cac", "cloudProvider": "aws", - "cwe": "", + "cwe": "256", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/directory_service_simple_ad_password_exposed/metadata.json b/assets/queries/cloudFormation/aws/directory_service_simple_ad_password_exposed/metadata.json index a509fcd898b..4d50a3f5f86 100644 --- a/assets/queries/cloudFormation/aws/directory_service_simple_ad_password_exposed/metadata.json +++ b/assets/queries/cloudFormation/aws/directory_service_simple_ad_password_exposed/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "fc2c7fb8", "cloudProvider": "aws", - "cwe": "", + "cwe": "256", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/dms_endpoint_mongo_db_settings_password_exposed/metadata.json b/assets/queries/cloudFormation/aws/dms_endpoint_mongo_db_settings_password_exposed/metadata.json index bfa45b94bf5..0458c8305a3 100644 --- a/assets/queries/cloudFormation/aws/dms_endpoint_mongo_db_settings_password_exposed/metadata.json +++ b/assets/queries/cloudFormation/aws/dms_endpoint_mongo_db_settings_password_exposed/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "6f895308", "cloudProvider": "aws", - "cwe": "", + "cwe": "256", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/dms_endpoint_password_exposed/metadata.json b/assets/queries/cloudFormation/aws/dms_endpoint_password_exposed/metadata.json index 7a2c17b7b6e..9a5c3a864a7 100644 --- a/assets/queries/cloudFormation/aws/dms_endpoint_password_exposed/metadata.json +++ b/assets/queries/cloudFormation/aws/dms_endpoint_password_exposed/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "a48ba75f", "cloudProvider": "aws", - "cwe": "", + "cwe": "256", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/docdb_cluster_master_password_in_plaintext/metadata.json b/assets/queries/cloudFormation/aws/docdb_cluster_master_password_in_plaintext/metadata.json index 7282ea87adf..552f104d95b 100644 --- a/assets/queries/cloudFormation/aws/docdb_cluster_master_password_in_plaintext/metadata.json +++ b/assets/queries/cloudFormation/aws/docdb_cluster_master_password_in_plaintext/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "37fb585f", "cloudProvider": "aws", - "cwe": "", + "cwe": "256", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/docdb_logging_disabled/metadata.json b/assets/queries/cloudFormation/aws/docdb_logging_disabled/metadata.json index 82eedde0e76..122b357c75a 100644 --- a/assets/queries/cloudFormation/aws/docdb_logging_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/docdb_logging_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "4818ceaf", "cloudProvider": "aws", - "cwe": "", + "cwe": "778", "oldSeverity": "LOW" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/dynamodb_table_not_encrypted/metadata.json b/assets/queries/cloudFormation/aws/dynamodb_table_not_encrypted/metadata.json index ad4e6b28234..30062aafe3d 100644 --- a/assets/queries/cloudFormation/aws/dynamodb_table_not_encrypted/metadata.json +++ b/assets/queries/cloudFormation/aws/dynamodb_table_not_encrypted/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "92975bc8", "cloudProvider": "aws", - "cwe": "", + "cwe": "312", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/dynamodb_table_point_in_time_recovery_disabled/metadata.json b/assets/queries/cloudFormation/aws/dynamodb_table_point_in_time_recovery_disabled/metadata.json index 8182205d01c..64e16a60477 100644 --- a/assets/queries/cloudFormation/aws/dynamodb_table_point_in_time_recovery_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/dynamodb_table_point_in_time_recovery_disabled/metadata.json @@ -7,5 +7,6 @@ "descriptionUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-pointintimerecoveryspecification.html", "platform": "CloudFormation", "descriptionID": "a0a51171", - "cloudProvider": "aws" + "cloudProvider": "aws", + "cwe": "710" } diff --git a/assets/queries/cloudFormation/aws/dynamodb_with_aws_owned_cmk/metadata.json b/assets/queries/cloudFormation/aws/dynamodb_with_aws_owned_cmk/metadata.json index f738bff2f1d..035b07eb25d 100644 --- a/assets/queries/cloudFormation/aws/dynamodb_with_aws_owned_cmk/metadata.json +++ b/assets/queries/cloudFormation/aws/dynamodb_with_aws_owned_cmk/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "a71d0c61", "cloudProvider": "aws", - "cwe": "" + "cwe": "312" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/dynamodb_with_table_billing_mode_not_recommended/metadata.json b/assets/queries/cloudFormation/aws/dynamodb_with_table_billing_mode_not_recommended/metadata.json index 5baf41641c3..2d8f15bf408 100644 --- a/assets/queries/cloudFormation/aws/dynamodb_with_table_billing_mode_not_recommended/metadata.json +++ b/assets/queries/cloudFormation/aws/dynamodb_with_table_billing_mode_not_recommended/metadata.json @@ -1,6 +1,6 @@ { "id": "c333e906-8d8b-4275-b999-78b6318f8dc6", - "queryName": "DynamoDB With Not Recommented Table Billing Mode", + "queryName": "DynamoDB With Not Recommended Table Billing Mode", "severity": "LOW", "category": "Build Process", "descriptionText": "Checks if DynamoDB Table Billing Mode is set to either PAY_PER_REQUEST or PROVISIONED", diff --git a/assets/queries/cloudFormation/aws/dynamodb_with_table_billing_mode_not_recommended/test/positive_expected_result.json b/assets/queries/cloudFormation/aws/dynamodb_with_table_billing_mode_not_recommended/test/positive_expected_result.json index 58b3cf925a2..9d6b05aba69 100644 --- a/assets/queries/cloudFormation/aws/dynamodb_with_table_billing_mode_not_recommended/test/positive_expected_result.json +++ b/assets/queries/cloudFormation/aws/dynamodb_with_table_billing_mode_not_recommended/test/positive_expected_result.json @@ -1,12 +1,12 @@ [ { - "queryName": "DynamoDB With Not Recommented Table Billing Mode", + "queryName": "DynamoDB With Not Recommended Table Billing Mode", "severity": "LOW", "line": 13, "fileName": "positive1.yaml" }, { - "queryName": "DynamoDB With Not Recommented Table Billing Mode", + "queryName": "DynamoDB With Not Recommended Table Billing Mode", "severity": "LOW", "line": 16, "fileName": "positive2.json" diff --git a/assets/queries/cloudFormation/aws/ebs_volume_encryption_disabled/metadata.json b/assets/queries/cloudFormation/aws/ebs_volume_encryption_disabled/metadata.json index 0427a4a7149..294e976c8f2 100644 --- a/assets/queries/cloudFormation/aws/ebs_volume_encryption_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/ebs_volume_encryption_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "8a51c141", "cloudProvider": "aws", - "cwe": "", + "cwe": "311", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ebs_volume_not_attached_to_instances/metadata.json b/assets/queries/cloudFormation/aws/ebs_volume_not_attached_to_instances/metadata.json index 09fc6f97cf2..6ae3d19264b 100644 --- a/assets/queries/cloudFormation/aws/ebs_volume_not_attached_to_instances/metadata.json +++ b/assets/queries/cloudFormation/aws/ebs_volume_not_attached_to_instances/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "33e2f7f6", "cloudProvider": "aws", - "cwe": "", + "cwe": "200", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ebs_volume_without_kms_key_id/metadata.json b/assets/queries/cloudFormation/aws/ebs_volume_without_kms_key_id/metadata.json index 85d3433a3b3..cc5a91cfdd7 100644 --- a/assets/queries/cloudFormation/aws/ebs_volume_without_kms_key_id/metadata.json +++ b/assets/queries/cloudFormation/aws/ebs_volume_without_kms_key_id/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "a10e872a", "cloudProvider": "aws", - "cwe": "", + "cwe": "710", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ec2_instance_has_no_iam_role/metadata.json b/assets/queries/cloudFormation/aws/ec2_instance_has_no_iam_role/metadata.json index 7dcc969ac45..ba880ca0734 100644 --- a/assets/queries/cloudFormation/aws/ec2_instance_has_no_iam_role/metadata.json +++ b/assets/queries/cloudFormation/aws/ec2_instance_has_no_iam_role/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "bf34b145", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ec2_instance_monitoring_disabled/metadata.json b/assets/queries/cloudFormation/aws/ec2_instance_monitoring_disabled/metadata.json index d4271d0ca3a..cabe2e13a5a 100644 --- a/assets/queries/cloudFormation/aws/ec2_instance_monitoring_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/ec2_instance_monitoring_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "81e4f520", "cloudProvider": "aws", - "cwe": "", + "cwe": "778", "oldSeverity": "INFO" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ec2_instance_subnet_has_public_ip_mapping_on_launch/metadata.json b/assets/queries/cloudFormation/aws/ec2_instance_subnet_has_public_ip_mapping_on_launch/metadata.json index 065959c2ea9..713de6dc045 100644 --- a/assets/queries/cloudFormation/aws/ec2_instance_subnet_has_public_ip_mapping_on_launch/metadata.json +++ b/assets/queries/cloudFormation/aws/ec2_instance_subnet_has_public_ip_mapping_on_launch/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "22e3d598", "cloudProvider": "aws", - "cwe": "", + "cwe": "668", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ec2_instance_using_default_security_group/metadata.json b/assets/queries/cloudFormation/aws/ec2_instance_using_default_security_group/metadata.json index 0dc14733b52..682d07d552c 100644 --- a/assets/queries/cloudFormation/aws/ec2_instance_using_default_security_group/metadata.json +++ b/assets/queries/cloudFormation/aws/ec2_instance_using_default_security_group/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "de993e1a", "cloudProvider": "aws", - "cwe": "", + "cwe": "284", "oldSeverity": "LOW" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ec2_instance_using_default_vpc/metadata.json b/assets/queries/cloudFormation/aws/ec2_instance_using_default_vpc/metadata.json index 5f448b7f402..86ea2e76528 100644 --- a/assets/queries/cloudFormation/aws/ec2_instance_using_default_vpc/metadata.json +++ b/assets/queries/cloudFormation/aws/ec2_instance_using_default_vpc/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "8dd9abf5", "cloudProvider": "aws", - "cwe": "" + "cwe": "200" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ec2_network_acl_duplicate_rule/metadata.json b/assets/queries/cloudFormation/aws/ec2_network_acl_duplicate_rule/metadata.json index 19448853403..c3587494f2c 100644 --- a/assets/queries/cloudFormation/aws/ec2_network_acl_duplicate_rule/metadata.json +++ b/assets/queries/cloudFormation/aws/ec2_network_acl_duplicate_rule/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "27e96b39", "cloudProvider": "aws", - "cwe": "", + "cwe": "358", "oldSeverity": "LOW" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ec2_network_acl_ineffective_denied_traffic/metadata.json b/assets/queries/cloudFormation/aws/ec2_network_acl_ineffective_denied_traffic/metadata.json index fd74626bf59..50ec3629cf7 100644 --- a/assets/queries/cloudFormation/aws/ec2_network_acl_ineffective_denied_traffic/metadata.json +++ b/assets/queries/cloudFormation/aws/ec2_network_acl_ineffective_denied_traffic/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "e8c34905", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ec2_network_acl_overlapping_ports/metadata.json b/assets/queries/cloudFormation/aws/ec2_network_acl_overlapping_ports/metadata.json index 3937312232a..709a895806f 100644 --- a/assets/queries/cloudFormation/aws/ec2_network_acl_overlapping_ports/metadata.json +++ b/assets/queries/cloudFormation/aws/ec2_network_acl_overlapping_ports/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "cb7c8980", "cloudProvider": "aws", - "cwe": "", + "cwe": "385", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ec2_not_ebs_optimized/metadata.json b/assets/queries/cloudFormation/aws/ec2_not_ebs_optimized/metadata.json index aad2a514e46..d6a7418b31f 100644 --- a/assets/queries/cloudFormation/aws/ec2_not_ebs_optimized/metadata.json +++ b/assets/queries/cloudFormation/aws/ec2_not_ebs_optimized/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "4d5e32ad", "cloudProvider": "aws", - "cwe": "" + "cwe": "710" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ec2_permissive_network_acl_protocols/metadata.json b/assets/queries/cloudFormation/aws/ec2_permissive_network_acl_protocols/metadata.json index 930d1054f1e..a265d4c96bb 100644 --- a/assets/queries/cloudFormation/aws/ec2_permissive_network_acl_protocols/metadata.json +++ b/assets/queries/cloudFormation/aws/ec2_permissive_network_acl_protocols/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "397e89de", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ec2_public_instance_exposed_through_subnet/metadata.json b/assets/queries/cloudFormation/aws/ec2_public_instance_exposed_through_subnet/metadata.json index 806643561ce..71f0f6d21b0 100644 --- a/assets/queries/cloudFormation/aws/ec2_public_instance_exposed_through_subnet/metadata.json +++ b/assets/queries/cloudFormation/aws/ec2_public_instance_exposed_through_subnet/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "163e9a52", "cloudProvider": "aws", - "cwe": "", + "cwe": "668", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ec2_sensitive_port_is_publicly_exposed/metadata.json b/assets/queries/cloudFormation/aws/ec2_sensitive_port_is_publicly_exposed/metadata.json index 91e113e70f8..38e6827427f 100644 --- a/assets/queries/cloudFormation/aws/ec2_sensitive_port_is_publicly_exposed/metadata.json +++ b/assets/queries/cloudFormation/aws/ec2_sensitive_port_is_publicly_exposed/metadata.json @@ -9,5 +9,5 @@ "descriptionID": "680b7e89", "aggregation": 61, "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ecr_image_tag_not_immutable/metadata.json b/assets/queries/cloudFormation/aws/ecr_image_tag_not_immutable/metadata.json index f39b24e6613..f509b39c162 100644 --- a/assets/queries/cloudFormation/aws/ecr_image_tag_not_immutable/metadata.json +++ b/assets/queries/cloudFormation/aws/ecr_image_tag_not_immutable/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "a4ed2a4f", "cloudProvider": "aws", - "cwe": "" + "cwe": "710" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ecr_repository_is_publicly_accessible/metadata.json b/assets/queries/cloudFormation/aws/ecr_repository_is_publicly_accessible/metadata.json index e95603a430f..cbfb4837569 100644 --- a/assets/queries/cloudFormation/aws/ecr_repository_is_publicly_accessible/metadata.json +++ b/assets/queries/cloudFormation/aws/ecr_repository_is_publicly_accessible/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "a85a7099", "cloudProvider": "aws", - "cwe": "", + "cwe": "668", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ecs_cluster_container_insights_disabled/metadata.json b/assets/queries/cloudFormation/aws/ecs_cluster_container_insights_disabled/metadata.json index a3467279032..09ee4bc40c2 100644 --- a/assets/queries/cloudFormation/aws/ecs_cluster_container_insights_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/ecs_cluster_container_insights_disabled/metadata.json @@ -7,5 +7,6 @@ "descriptionUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-cluster.html#cfn-ecs-cluster-clustersettings", "platform": "CloudFormation", "descriptionID": "1751124e", - "cloudProvider": "aws" + "cloudProvider": "aws", + "cwe": "778" } diff --git a/assets/queries/cloudFormation/aws/ecs_cluster_not_encrypted_at_rest/metadata.json b/assets/queries/cloudFormation/aws/ecs_cluster_not_encrypted_at_rest/metadata.json index ce39d26abcc..54a1b3e0dcb 100644 --- a/assets/queries/cloudFormation/aws/ecs_cluster_not_encrypted_at_rest/metadata.json +++ b/assets/queries/cloudFormation/aws/ecs_cluster_not_encrypted_at_rest/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "512ea20d", "cloudProvider": "aws", - "cwe": "" + "cwe": "311" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ecs_no_load_balancer_attached/metadata.json b/assets/queries/cloudFormation/aws/ecs_no_load_balancer_attached/metadata.json index f03e7721150..cbc65ed0c99 100644 --- a/assets/queries/cloudFormation/aws/ecs_no_load_balancer_attached/metadata.json +++ b/assets/queries/cloudFormation/aws/ecs_no_load_balancer_attached/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "2f3ec772", "cloudProvider": "aws", - "cwe": "" + "cwe": "400" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ecs_service_admin_role_is_present/metadata.json b/assets/queries/cloudFormation/aws/ecs_service_admin_role_is_present/metadata.json index e98cdf0dfb6..c264bef6b2a 100644 --- a/assets/queries/cloudFormation/aws/ecs_service_admin_role_is_present/metadata.json +++ b/assets/queries/cloudFormation/aws/ecs_service_admin_role_is_present/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "756701f8", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ecs_service_without_running_tasks/metadata.json b/assets/queries/cloudFormation/aws/ecs_service_without_running_tasks/metadata.json index 84316a17ad8..050dfdff1bf 100644 --- a/assets/queries/cloudFormation/aws/ecs_service_without_running_tasks/metadata.json +++ b/assets/queries/cloudFormation/aws/ecs_service_without_running_tasks/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "cd242bdd", "cloudProvider": "aws", - "cwe": "", + "cwe": "665", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ecs_task_definition_healthcheck_missing/metadata.json b/assets/queries/cloudFormation/aws/ecs_task_definition_healthcheck_missing/metadata.json index 5b24a9c32a4..b3f87a16567 100644 --- a/assets/queries/cloudFormation/aws/ecs_task_definition_healthcheck_missing/metadata.json +++ b/assets/queries/cloudFormation/aws/ecs_task_definition_healthcheck_missing/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "e2e3a50a", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ecs_task_definition_invalid_cpu_or_memory/metadata.json b/assets/queries/cloudFormation/aws/ecs_task_definition_invalid_cpu_or_memory/metadata.json index f1f5b8331af..6004f64a107 100644 --- a/assets/queries/cloudFormation/aws/ecs_task_definition_invalid_cpu_or_memory/metadata.json +++ b/assets/queries/cloudFormation/aws/ecs_task_definition_invalid_cpu_or_memory/metadata.json @@ -3,10 +3,10 @@ "queryName": "ECS Task Definition Invalid CPU or Memory", "severity": "LOW", "category": "Resource Management", - "descriptionText": "In ECS Task Definition of FARGATE launch type if you specify an invalid CPU or Memory value, you will receive an error", + "descriptionText": "In an ECS Task Definition with the FARGATE launch type, specifying an invalid CPU or Memory value will result in an error.", "descriptionUrl": "https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-cpu-memory-error.html", "platform": "CloudFormation", "descriptionID": "8fa43a9a", "cloudProvider": "aws", - "cwe": "" + "cwe": "697" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/ecs_task_definition_network_mode_not_recommended/metadata.json b/assets/queries/cloudFormation/aws/ecs_task_definition_network_mode_not_recommended/metadata.json index 05975a5fd64..90971e826bb 100644 --- a/assets/queries/cloudFormation/aws/ecs_task_definition_network_mode_not_recommended/metadata.json +++ b/assets/queries/cloudFormation/aws/ecs_task_definition_network_mode_not_recommended/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "bded2e99", "cloudProvider": "aws", - "cwe": "", + "cwe": "665", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/efs_not_encrypted/metadata.json b/assets/queries/cloudFormation/aws/efs_not_encrypted/metadata.json index e8c1bf2ed49..59e893358f2 100644 --- a/assets/queries/cloudFormation/aws/efs_not_encrypted/metadata.json +++ b/assets/queries/cloudFormation/aws/efs_not_encrypted/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "e168cb44", "cloudProvider": "aws", - "cwe": "" + "cwe": "311" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/efs_volume_with_disabled_transit_encryption/metadata.json b/assets/queries/cloudFormation/aws/efs_volume_with_disabled_transit_encryption/metadata.json index ad13c146901..fca660b7152 100644 --- a/assets/queries/cloudFormation/aws/efs_volume_with_disabled_transit_encryption/metadata.json +++ b/assets/queries/cloudFormation/aws/efs_volume_with_disabled_transit_encryption/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "99f92ea6", "cloudProvider": "aws", - "cwe": "", + "cwe": "312", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/efs_without_kms/metadata.json b/assets/queries/cloudFormation/aws/efs_without_kms/metadata.json index 36394e1706a..6fbb277a9e2 100644 --- a/assets/queries/cloudFormation/aws/efs_without_kms/metadata.json +++ b/assets/queries/cloudFormation/aws/efs_without_kms/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "f5a9536a", "cloudProvider": "aws", - "cwe": "", + "cwe": "311", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/efs_without_tags/metadata.json b/assets/queries/cloudFormation/aws/efs_without_tags/metadata.json index 1ce98430f3f..7812041639d 100644 --- a/assets/queries/cloudFormation/aws/efs_without_tags/metadata.json +++ b/assets/queries/cloudFormation/aws/efs_without_tags/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "a7eb7aff", "cloudProvider": "aws", - "cwe": "" + "cwe": "311" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/eks_node_group_remote_access/metadata.json b/assets/queries/cloudFormation/aws/eks_node_group_remote_access/metadata.json index 05e67b4c041..2d486bde6c5 100644 --- a/assets/queries/cloudFormation/aws/eks_node_group_remote_access/metadata.json +++ b/assets/queries/cloudFormation/aws/eks_node_group_remote_access/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "b3ebf24c", "cloudProvider": "aws", - "cwe": "", + "cwe": "668", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elasticache_nodes_not_created_across_multi_az/metadata.json b/assets/queries/cloudFormation/aws/elasticache_nodes_not_created_across_multi_az/metadata.json index cc88cc1bab2..237019237e1 100644 --- a/assets/queries/cloudFormation/aws/elasticache_nodes_not_created_across_multi_az/metadata.json +++ b/assets/queries/cloudFormation/aws/elasticache_nodes_not_created_across_multi_az/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "35f94973", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elasticache_using_default_port/metadata.json b/assets/queries/cloudFormation/aws/elasticache_using_default_port/metadata.json index 263c3adbe7c..eb7d727466c 100644 --- a/assets/queries/cloudFormation/aws/elasticache_using_default_port/metadata.json +++ b/assets/queries/cloudFormation/aws/elasticache_using_default_port/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "5aef27fd", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elasticache_with_disabled_at_rest_encryption/metadata.json b/assets/queries/cloudFormation/aws/elasticache_with_disabled_at_rest_encryption/metadata.json index 73be69b3f1a..8133ab7d32d 100644 --- a/assets/queries/cloudFormation/aws/elasticache_with_disabled_at_rest_encryption/metadata.json +++ b/assets/queries/cloudFormation/aws/elasticache_with_disabled_at_rest_encryption/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "86353328", "cloudProvider": "aws", - "cwe": "" + "cwe": "312" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elasticache_with_disabled_transit_encryption/metadata.json b/assets/queries/cloudFormation/aws/elasticache_with_disabled_transit_encryption/metadata.json index c60e1177ed9..1e6421818c4 100644 --- a/assets/queries/cloudFormation/aws/elasticache_with_disabled_transit_encryption/metadata.json +++ b/assets/queries/cloudFormation/aws/elasticache_with_disabled_transit_encryption/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "b1ce0b9f", "cloudProvider": "aws", - "cwe": "", + "cwe": "312", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elasticache_without_vpc/metadata.json b/assets/queries/cloudFormation/aws/elasticache_without_vpc/metadata.json index 42fb06c191e..dba09d166f1 100644 --- a/assets/queries/cloudFormation/aws/elasticache_without_vpc/metadata.json +++ b/assets/queries/cloudFormation/aws/elasticache_without_vpc/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "68db93b8", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elasticsearch_domain_encryption_with_kms_disabled/metadata.json b/assets/queries/cloudFormation/aws/elasticsearch_domain_encryption_with_kms_disabled/metadata.json index f0ca38341c2..e424c569918 100644 --- a/assets/queries/cloudFormation/aws/elasticsearch_domain_encryption_with_kms_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/elasticsearch_domain_encryption_with_kms_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "6700680a", "cloudProvider": "aws", - "cwe": "", + "cwe": "326", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elasticsearch_logs_disabled/metadata.json b/assets/queries/cloudFormation/aws/elasticsearch_logs_disabled/metadata.json index 3393e51188a..16a41f761aa 100644 --- a/assets/queries/cloudFormation/aws/elasticsearch_logs_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/elasticsearch_logs_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "e2451952", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elasticsearch_not_encrypted_at_rest/metadata.json b/assets/queries/cloudFormation/aws/elasticsearch_not_encrypted_at_rest/metadata.json index daf753420ec..bc7296feed7 100644 --- a/assets/queries/cloudFormation/aws/elasticsearch_not_encrypted_at_rest/metadata.json +++ b/assets/queries/cloudFormation/aws/elasticsearch_not_encrypted_at_rest/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "645512cb", "cloudProvider": "aws", - "cwe": "", + "cwe": "319", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elasticsearch_with_https_disabled/metadata.json b/assets/queries/cloudFormation/aws/elasticsearch_with_https_disabled/metadata.json index f0a351c88be..5867b2f530d 100644 --- a/assets/queries/cloudFormation/aws/elasticsearch_with_https_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/elasticsearch_with_https_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "8575a1d7", "cloudProvider": "aws", - "cwe": "", + "cwe": "311", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elasticsearch_without_iam_authentication/metadata.json b/assets/queries/cloudFormation/aws/elasticsearch_without_iam_authentication/metadata.json index 3f96766d346..256812abb74 100644 --- a/assets/queries/cloudFormation/aws/elasticsearch_without_iam_authentication/metadata.json +++ b/assets/queries/cloudFormation/aws/elasticsearch_without_iam_authentication/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "af727c29", "cloudProvider": "aws", - "cwe": "" + "cwe": "285" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elasticsearch_without_slow_logs/metadata.json b/assets/queries/cloudFormation/aws/elasticsearch_without_slow_logs/metadata.json index 25c6c1b83d9..aca10542aa8 100644 --- a/assets/queries/cloudFormation/aws/elasticsearch_without_slow_logs/metadata.json +++ b/assets/queries/cloudFormation/aws/elasticsearch_without_slow_logs/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "72d32380", "cloudProvider": "aws", - "cwe": "", + "cwe": "778", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elb_access_log_disabled/metadata.json b/assets/queries/cloudFormation/aws/elb_access_log_disabled/metadata.json index 0ae77985030..d3823454464 100644 --- a/assets/queries/cloudFormation/aws/elb_access_log_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/elb_access_log_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "8f49cae7", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elb_sensitive_port_is_exposed_to_entire_network/metadata.json b/assets/queries/cloudFormation/aws/elb_sensitive_port_is_exposed_to_entire_network/metadata.json index d4221ea7aed..35ee4b3803f 100644 --- a/assets/queries/cloudFormation/aws/elb_sensitive_port_is_exposed_to_entire_network/metadata.json +++ b/assets/queries/cloudFormation/aws/elb_sensitive_port_is_exposed_to_entire_network/metadata.json @@ -9,5 +9,5 @@ "descriptionID": "f26797b1", "aggregation": 183, "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elb_using_insecure_protocols/metadata.json b/assets/queries/cloudFormation/aws/elb_using_insecure_protocols/metadata.json index b9a251a0ab5..e169d8b4a1f 100644 --- a/assets/queries/cloudFormation/aws/elb_using_insecure_protocols/metadata.json +++ b/assets/queries/cloudFormation/aws/elb_using_insecure_protocols/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "cd6bbd85", "cloudProvider": "aws", - "cwe": "", + "cwe": "284", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elb_using_weak_ciphers/metadata.json b/assets/queries/cloudFormation/aws/elb_using_weak_ciphers/metadata.json index 013d00f6224..bdc8279b672 100644 --- a/assets/queries/cloudFormation/aws/elb_using_weak_ciphers/metadata.json +++ b/assets/queries/cloudFormation/aws/elb_using_weak_ciphers/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "94a91040", "cloudProvider": "aws", - "cwe": "" + "cwe": "326" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elb_v2_alb_access_log_disabled/metadata.json b/assets/queries/cloudFormation/aws/elb_v2_alb_access_log_disabled/metadata.json index 8515fa6818a..1d26e9a6809 100644 --- a/assets/queries/cloudFormation/aws/elb_v2_alb_access_log_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/elb_v2_alb_access_log_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "1b941e35", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elb_with_security_group_without_inbound_rules/metadata.json b/assets/queries/cloudFormation/aws/elb_with_security_group_without_inbound_rules/metadata.json index eb33ab1a124..9c03ebe62e5 100644 --- a/assets/queries/cloudFormation/aws/elb_with_security_group_without_inbound_rules/metadata.json +++ b/assets/queries/cloudFormation/aws/elb_with_security_group_without_inbound_rules/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "3ccdd7d2", "cloudProvider": "aws", - "cwe": "" + "cwe": "665" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elb_with_security_group_without_outbound_rules/metadata.json b/assets/queries/cloudFormation/aws/elb_with_security_group_without_outbound_rules/metadata.json index 42cf9aa2e8f..61e97d3f36c 100644 --- a/assets/queries/cloudFormation/aws/elb_with_security_group_without_outbound_rules/metadata.json +++ b/assets/queries/cloudFormation/aws/elb_with_security_group_without_outbound_rules/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "7b876844", "cloudProvider": "aws", - "cwe": "" + "cwe": "665" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/elb_without_secure_protocol/metadata.json b/assets/queries/cloudFormation/aws/elb_without_secure_protocol/metadata.json index 605501186e9..10c440cf32a 100644 --- a/assets/queries/cloudFormation/aws/elb_without_secure_protocol/metadata.json +++ b/assets/queries/cloudFormation/aws/elb_without_secure_protocol/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "0cbd1ac7", "cloudProvider": "aws", - "cwe": "", + "cwe": "319", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/empty_roles_for_ecs_cluster_task_definitions/metadata.json b/assets/queries/cloudFormation/aws/empty_roles_for_ecs_cluster_task_definitions/metadata.json index 35f8f2e5e30..73a0f481da3 100644 --- a/assets/queries/cloudFormation/aws/empty_roles_for_ecs_cluster_task_definitions/metadata.json +++ b/assets/queries/cloudFormation/aws/empty_roles_for_ecs_cluster_task_definitions/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "b47b42b2", "cloudProvider": "aws", - "cwe": "" + "cwe": "665" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/emr_cluster_without_security_configuration/metadata.json b/assets/queries/cloudFormation/aws/emr_cluster_without_security_configuration/metadata.json index e9ee2b6652a..6e30ab5a420 100644 --- a/assets/queries/cloudFormation/aws/emr_cluster_without_security_configuration/metadata.json +++ b/assets/queries/cloudFormation/aws/emr_cluster_without_security_configuration/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "17e140e2", "cloudProvider": "aws", - "cwe": "" + "cwe": "665" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/emr_security_configuration_encryptions_enabled/metadata.json b/assets/queries/cloudFormation/aws/emr_security_configuration_encryptions_enabled/metadata.json index 823c1488796..5d7d12e33bb 100644 --- a/assets/queries/cloudFormation/aws/emr_security_configuration_encryptions_enabled/metadata.json +++ b/assets/queries/cloudFormation/aws/emr_security_configuration_encryptions_enabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "672bc6a7", "cloudProvider": "aws", - "cwe": "" + "cwe": "319" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/emr_wihout_vpc/metadata.json b/assets/queries/cloudFormation/aws/emr_wihout_vpc/metadata.json index 69c7f3f4c19..bda32c493a0 100644 --- a/assets/queries/cloudFormation/aws/emr_wihout_vpc/metadata.json +++ b/assets/queries/cloudFormation/aws/emr_wihout_vpc/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "26800d21", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/fully_open_ingress/metadata.json b/assets/queries/cloudFormation/aws/fully_open_ingress/metadata.json index 55a36422ef3..b296f750115 100644 --- a/assets/queries/cloudFormation/aws/fully_open_ingress/metadata.json +++ b/assets/queries/cloudFormation/aws/fully_open_ingress/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "747f49ac", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/gamelift_fleet_ec2_inbound_permissions_with_port_range/metadata.json b/assets/queries/cloudFormation/aws/gamelift_fleet_ec2_inbound_permissions_with_port_range/metadata.json index 4cc4046a1f3..337e6e05bf8 100644 --- a/assets/queries/cloudFormation/aws/gamelift_fleet_ec2_inbound_permissions_with_port_range/metadata.json +++ b/assets/queries/cloudFormation/aws/gamelift_fleet_ec2_inbound_permissions_with_port_range/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "2f59d790", "cloudProvider": "aws", - "cwe": "" + "cwe": "665" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/geo_restriction_disabled/metadata.json b/assets/queries/cloudFormation/aws/geo_restriction_disabled/metadata.json index dacade84c72..a612c2dfb67 100644 --- a/assets/queries/cloudFormation/aws/geo_restriction_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/geo_restriction_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "18f149b3", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/github_repository_set_to_public/metadata.json b/assets/queries/cloudFormation/aws/github_repository_set_to_public/metadata.json index a94d1cd54f6..c332ebae5fc 100644 --- a/assets/queries/cloudFormation/aws/github_repository_set_to_public/metadata.json +++ b/assets/queries/cloudFormation/aws/github_repository_set_to_public/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "76e2bdab", "cloudProvider": "aws", - "cwe": "" + "cwe": "200" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/guardduty_detector_disabled/metadata.json b/assets/queries/cloudFormation/aws/guardduty_detector_disabled/metadata.json index 0bbb1156fff..48b233f98fe 100644 --- a/assets/queries/cloudFormation/aws/guardduty_detector_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/guardduty_detector_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "cae19394", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/hardcoded_aws_access_key_in_lambda/metadata.json b/assets/queries/cloudFormation/aws/hardcoded_aws_access_key_in_lambda/metadata.json index a231ca08f23..9f8441669d5 100644 --- a/assets/queries/cloudFormation/aws/hardcoded_aws_access_key_in_lambda/metadata.json +++ b/assets/queries/cloudFormation/aws/hardcoded_aws_access_key_in_lambda/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "ff065e3b", "cloudProvider": "aws", - "cwe": "", + "cwe": "798", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/http_port_open/metadata.json b/assets/queries/cloudFormation/aws/http_port_open/metadata.json index 2dc258ead18..98fb522f2e3 100644 --- a/assets/queries/cloudFormation/aws/http_port_open/metadata.json +++ b/assets/queries/cloudFormation/aws/http_port_open/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "a39efd21", "cloudProvider": "aws", - "cwe": "", + "cwe": "668", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iam_access_analyzer_not_enabled/metadata.json b/assets/queries/cloudFormation/aws/iam_access_analyzer_not_enabled/metadata.json index 14567ede9ab..5a6489730a9 100644 --- a/assets/queries/cloudFormation/aws/iam_access_analyzer_not_enabled/metadata.json +++ b/assets/queries/cloudFormation/aws/iam_access_analyzer_not_enabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "24a6978e", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iam_database_auth_not_enabled/metadata.json b/assets/queries/cloudFormation/aws/iam_database_auth_not_enabled/metadata.json index 69f0d8e56b5..8736f418485 100644 --- a/assets/queries/cloudFormation/aws/iam_database_auth_not_enabled/metadata.json +++ b/assets/queries/cloudFormation/aws/iam_database_auth_not_enabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "e4c2c085", "cloudProvider": "aws", - "cwe": "", + "cwe": "311", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iam_group_without_users/metadata.json b/assets/queries/cloudFormation/aws/iam_group_without_users/metadata.json index 6bbf991edd0..4e7bfba6d8c 100644 --- a/assets/queries/cloudFormation/aws/iam_group_without_users/metadata.json +++ b/assets/queries/cloudFormation/aws/iam_group_without_users/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "c23dca47", "cloudProvider": "aws", - "cwe": "", + "cwe": "284", "oldSeverity": "LOW" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iam_groups_inline_policies/metadata.json b/assets/queries/cloudFormation/aws/iam_groups_inline_policies/metadata.json index cb2b5f85810..61c8671ec1e 100644 --- a/assets/queries/cloudFormation/aws/iam_groups_inline_policies/metadata.json +++ b/assets/queries/cloudFormation/aws/iam_groups_inline_policies/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "e89236a1", "cloudProvider": "aws", - "cwe": "" + "cwe": "286" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iam_managed_policy_applied_to_a_user/metadata.json b/assets/queries/cloudFormation/aws/iam_managed_policy_applied_to_a_user/metadata.json index fa667f682e7..bcbb0ea44bb 100644 --- a/assets/queries/cloudFormation/aws/iam_managed_policy_applied_to_a_user/metadata.json +++ b/assets/queries/cloudFormation/aws/iam_managed_policy_applied_to_a_user/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "e7fa1d68", "cloudProvider": "aws", - "cwe": "" + "cwe": "710" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iam_password_without_minimum_length/metadata.json b/assets/queries/cloudFormation/aws/iam_password_without_minimum_length/metadata.json index 705ac110623..5bb8e20acf4 100644 --- a/assets/queries/cloudFormation/aws/iam_password_without_minimum_length/metadata.json +++ b/assets/queries/cloudFormation/aws/iam_password_without_minimum_length/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "46859482", "cloudProvider": "aws", - "cwe": "", + "cwe": "710", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iam_policies_attached_to_user/metadata.json b/assets/queries/cloudFormation/aws/iam_policies_attached_to_user/metadata.json index e43a6ce2f92..79f3259d0be 100644 --- a/assets/queries/cloudFormation/aws/iam_policies_attached_to_user/metadata.json +++ b/assets/queries/cloudFormation/aws/iam_policies_attached_to_user/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "c1857bae", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iam_policies_with_full_privileges/metadata.json b/assets/queries/cloudFormation/aws/iam_policies_with_full_privileges/metadata.json index 0bcd43ffe9c..d0d19d83bac 100644 --- a/assets/queries/cloudFormation/aws/iam_policies_with_full_privileges/metadata.json +++ b/assets/queries/cloudFormation/aws/iam_policies_with_full_privileges/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "faa72156", "cloudProvider": "aws", - "cwe": "", + "cwe": "284", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iam_policies_without_groups/metadata.json b/assets/queries/cloudFormation/aws/iam_policies_without_groups/metadata.json index b9ec6913b3b..33ba4f724b2 100644 --- a/assets/queries/cloudFormation/aws/iam_policies_without_groups/metadata.json +++ b/assets/queries/cloudFormation/aws/iam_policies_without_groups/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "d9bcf74d", "cloudProvider": "aws", - "cwe": "" + "cwe": "710" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iam_policy_grants_assumerole_permission_across_all_services/metadata.json b/assets/queries/cloudFormation/aws/iam_policy_grants_assumerole_permission_across_all_services/metadata.json index 6ed6c281ea2..4cbd1441cf0 100644 --- a/assets/queries/cloudFormation/aws/iam_policy_grants_assumerole_permission_across_all_services/metadata.json +++ b/assets/queries/cloudFormation/aws/iam_policy_grants_assumerole_permission_across_all_services/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "eba1aa1b", "cloudProvider": "aws", - "cwe": "", + "cwe": "284", "oldSeverity": "LOW" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iam_policy_grants_full_permissions/metadata.json b/assets/queries/cloudFormation/aws/iam_policy_grants_full_permissions/metadata.json index fd08923a7e5..280f0ded9f4 100644 --- a/assets/queries/cloudFormation/aws/iam_policy_grants_full_permissions/metadata.json +++ b/assets/queries/cloudFormation/aws/iam_policy_grants_full_permissions/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "d4158e76", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iam_policy_on_user/metadata.json b/assets/queries/cloudFormation/aws/iam_policy_on_user/metadata.json index 840ab00a807..ca371e87dbb 100644 --- a/assets/queries/cloudFormation/aws/iam_policy_on_user/metadata.json +++ b/assets/queries/cloudFormation/aws/iam_policy_on_user/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "50f7785d", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iam_role_allows_all_principals_to_assume/metadata.json b/assets/queries/cloudFormation/aws/iam_role_allows_all_principals_to_assume/metadata.json index b3439bc20e3..ab3153ef2e1 100644 --- a/assets/queries/cloudFormation/aws/iam_role_allows_all_principals_to_assume/metadata.json +++ b/assets/queries/cloudFormation/aws/iam_role_allows_all_principals_to_assume/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "13e52bb7", "cloudProvider": "aws", - "cwe": "", + "cwe": "284", "oldSeverity": "LOW" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iam_user_login_profile_password_is_in_plaintext/metadata.json b/assets/queries/cloudFormation/aws/iam_user_login_profile_password_is_in_plaintext/metadata.json index 5d8887fe523..beff7086235 100644 --- a/assets/queries/cloudFormation/aws/iam_user_login_profile_password_is_in_plaintext/metadata.json +++ b/assets/queries/cloudFormation/aws/iam_user_login_profile_password_is_in_plaintext/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "0dc817e6", "cloudProvider": "aws", - "cwe": "", + "cwe": "256", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iam_user_too_many_access_keys/metadata.json b/assets/queries/cloudFormation/aws/iam_user_too_many_access_keys/metadata.json index cfb13ccc3cb..4619d1b5bb8 100644 --- a/assets/queries/cloudFormation/aws/iam_user_too_many_access_keys/metadata.json +++ b/assets/queries/cloudFormation/aws/iam_user_too_many_access_keys/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "90135931", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iam_user_with_no_group/metadata.json b/assets/queries/cloudFormation/aws/iam_user_with_no_group/metadata.json index 69bd98db189..d19539c070e 100644 --- a/assets/queries/cloudFormation/aws/iam_user_with_no_group/metadata.json +++ b/assets/queries/cloudFormation/aws/iam_user_with_no_group/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "d7e9b179", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/inline_policies_are_attached_to_ecs_service/metadata.json b/assets/queries/cloudFormation/aws/inline_policies_are_attached_to_ecs_service/metadata.json index efeae12526d..ccdf49e560f 100644 --- a/assets/queries/cloudFormation/aws/inline_policies_are_attached_to_ecs_service/metadata.json +++ b/assets/queries/cloudFormation/aws/inline_policies_are_attached_to_ecs_service/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "4706b78f", "cloudProvider": "aws", - "cwe": "", + "cwe": "286", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/instance_with_no_vpc/metadata.json b/assets/queries/cloudFormation/aws/instance_with_no_vpc/metadata.json index d6482c0957d..eb780e4de48 100644 --- a/assets/queries/cloudFormation/aws/instance_with_no_vpc/metadata.json +++ b/assets/queries/cloudFormation/aws/instance_with_no_vpc/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "c2bb3a56", "cloudProvider": "aws", - "cwe": "", + "cwe": "284", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iot_policy_allows_action_as_wildcard/metadata.json b/assets/queries/cloudFormation/aws/iot_policy_allows_action_as_wildcard/metadata.json index 571ba84e706..5f07bbbd0a3 100644 --- a/assets/queries/cloudFormation/aws/iot_policy_allows_action_as_wildcard/metadata.json +++ b/assets/queries/cloudFormation/aws/iot_policy_allows_action_as_wildcard/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "e4417496", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/iot_policy_allows_wildcard_resource/metadata.json b/assets/queries/cloudFormation/aws/iot_policy_allows_wildcard_resource/metadata.json index db41eff55d6..60d3f263570 100644 --- a/assets/queries/cloudFormation/aws/iot_policy_allows_wildcard_resource/metadata.json +++ b/assets/queries/cloudFormation/aws/iot_policy_allows_wildcard_resource/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "d5e52bc7", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/kinesis_sse_not_configured/metadata.json b/assets/queries/cloudFormation/aws/kinesis_sse_not_configured/metadata.json index 4e7c43dd8d0..d25ee283ba3 100644 --- a/assets/queries/cloudFormation/aws/kinesis_sse_not_configured/metadata.json +++ b/assets/queries/cloudFormation/aws/kinesis_sse_not_configured/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "a8238dc8", "cloudProvider": "aws", - "cwe": "" + "cwe": "311" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/kms_allows_wildcard_principal/metadata.json b/assets/queries/cloudFormation/aws/kms_allows_wildcard_principal/metadata.json index e5266e615ff..c226215b8d4 100644 --- a/assets/queries/cloudFormation/aws/kms_allows_wildcard_principal/metadata.json +++ b/assets/queries/cloudFormation/aws/kms_allows_wildcard_principal/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "0b89626d", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/kms_enable_key_rotation_disabled/metadata.json b/assets/queries/cloudFormation/aws/kms_enable_key_rotation_disabled/metadata.json index 5e8c0040b61..931ffe02b31 100644 --- a/assets/queries/cloudFormation/aws/kms_enable_key_rotation_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/kms_enable_key_rotation_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "323313bc", "cloudProvider": "aws", - "cwe": "" + "cwe": "311" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/kms_key_with_full_permissions/metadata.json b/assets/queries/cloudFormation/aws/kms_key_with_full_permissions/metadata.json index 82ca750f424..1a30551b56a 100644 --- a/assets/queries/cloudFormation/aws/kms_key_with_full_permissions/metadata.json +++ b/assets/queries/cloudFormation/aws/kms_key_with_full_permissions/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "1f88b704", "cloudProvider": "aws", - "cwe": "" + "cwe": "326" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/lambda_function_without_dead_letter_queue/metadata.json b/assets/queries/cloudFormation/aws/lambda_function_without_dead_letter_queue/metadata.json index a4a7d9904be..99d242e91d7 100644 --- a/assets/queries/cloudFormation/aws/lambda_function_without_dead_letter_queue/metadata.json +++ b/assets/queries/cloudFormation/aws/lambda_function_without_dead_letter_queue/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "d5d9d047", "cloudProvider": "aws", - "cwe": "" + "cwe": "390" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/lambda_function_without_tags/metadata.json b/assets/queries/cloudFormation/aws/lambda_function_without_tags/metadata.json index b4f20edec35..c17d13e8dda 100644 --- a/assets/queries/cloudFormation/aws/lambda_function_without_tags/metadata.json +++ b/assets/queries/cloudFormation/aws/lambda_function_without_tags/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "664675e7", "cloudProvider": "aws", - "cwe": "", + "cwe": "665", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/lambda_functions_with_full_privileges/metadata.json b/assets/queries/cloudFormation/aws/lambda_functions_with_full_privileges/metadata.json index 3ef4826feea..947876b8144 100644 --- a/assets/queries/cloudFormation/aws/lambda_functions_with_full_privileges/metadata.json +++ b/assets/queries/cloudFormation/aws/lambda_functions_with_full_privileges/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "48d30c57", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/lambda_functions_without_unique_iam_roles/metadata.json b/assets/queries/cloudFormation/aws/lambda_functions_without_unique_iam_roles/metadata.json index 4f6612243d7..0287254fabc 100644 --- a/assets/queries/cloudFormation/aws/lambda_functions_without_unique_iam_roles/metadata.json +++ b/assets/queries/cloudFormation/aws/lambda_functions_without_unique_iam_roles/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "f919ad7e", "cloudProvider": "aws", - "cwe": "", + "cwe": "284", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/lambda_functions_without_x-ray_tracing/metadata.json b/assets/queries/cloudFormation/aws/lambda_functions_without_x-ray_tracing/metadata.json index bdf156e6f56..5bec97f7f6c 100644 --- a/assets/queries/cloudFormation/aws/lambda_functions_without_x-ray_tracing/metadata.json +++ b/assets/queries/cloudFormation/aws/lambda_functions_without_x-ray_tracing/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "26afaa67", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/lambda_permission_misconfigured/metadata.json b/assets/queries/cloudFormation/aws/lambda_permission_misconfigured/metadata.json index e6c294f5ada..b6bf4404ac4 100644 --- a/assets/queries/cloudFormation/aws/lambda_permission_misconfigured/metadata.json +++ b/assets/queries/cloudFormation/aws/lambda_permission_misconfigured/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "dec6dd24", "cloudProvider": "aws", - "cwe": "" + "cwe": "710" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/lambda_permission_principal_is_wildcard/metadata.json b/assets/queries/cloudFormation/aws/lambda_permission_principal_is_wildcard/metadata.json index 7ddc9f7dba3..7de4ae5bf3e 100644 --- a/assets/queries/cloudFormation/aws/lambda_permission_principal_is_wildcard/metadata.json +++ b/assets/queries/cloudFormation/aws/lambda_permission_principal_is_wildcard/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "cfa9120c", "cloudProvider": "aws", - "cwe": "" + "cwe": "155" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/low_rds_backup_retention_period/metadata.json b/assets/queries/cloudFormation/aws/low_rds_backup_retention_period/metadata.json index 2ef0a50901f..9a1f86a86be 100644 --- a/assets/queries/cloudFormation/aws/low_rds_backup_retention_period/metadata.json +++ b/assets/queries/cloudFormation/aws/low_rds_backup_retention_period/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "55094eb2", "cloudProvider": "aws", - "cwe": "", + "cwe": "778", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/mq_broker_is_publicly_accessible/metadata.json b/assets/queries/cloudFormation/aws/mq_broker_is_publicly_accessible/metadata.json index ee81a9a2b9d..ca91e4a5161 100644 --- a/assets/queries/cloudFormation/aws/mq_broker_is_publicly_accessible/metadata.json +++ b/assets/queries/cloudFormation/aws/mq_broker_is_publicly_accessible/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "59b368a9", "cloudProvider": "aws", - "cwe": "", + "cwe": "668", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/mq_broker_logging_disabled/metadata.json b/assets/queries/cloudFormation/aws/mq_broker_logging_disabled/metadata.json index dd4e6d5f097..3a66da681cb 100644 --- a/assets/queries/cloudFormation/aws/mq_broker_logging_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/mq_broker_logging_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "3799829c", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/msk_broker_is_publicly_accessible/metadata.json b/assets/queries/cloudFormation/aws/msk_broker_is_publicly_accessible/metadata.json index 5930ad53e0d..0e17ecd30ba 100644 --- a/assets/queries/cloudFormation/aws/msk_broker_is_publicly_accessible/metadata.json +++ b/assets/queries/cloudFormation/aws/msk_broker_is_publicly_accessible/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "dcf6ab9f", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/msk_cluster_encryption_disabled/metadata.json b/assets/queries/cloudFormation/aws/msk_cluster_encryption_disabled/metadata.json index 83ebc6e8034..3ab62de2070 100644 --- a/assets/queries/cloudFormation/aws/msk_cluster_encryption_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/msk_cluster_encryption_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "c8e65b67", "cloudProvider": "aws", - "cwe": "" + "cwe": "319" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/msk_cluster_logging_disabled/metadata.json b/assets/queries/cloudFormation/aws/msk_cluster_logging_disabled/metadata.json index 0df10c00a43..50d902e4083 100644 --- a/assets/queries/cloudFormation/aws/msk_cluster_logging_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/msk_cluster_logging_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "1d9a0a75", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/neptune_cluster_with_iam_database_authentication_disabled/metadata.json b/assets/queries/cloudFormation/aws/neptune_cluster_with_iam_database_authentication_disabled/metadata.json index 2f4c213653c..6de36e5e89d 100644 --- a/assets/queries/cloudFormation/aws/neptune_cluster_with_iam_database_authentication_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/neptune_cluster_with_iam_database_authentication_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "39cddadb", "cloudProvider": "aws", - "cwe": "", + "cwe": "285", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/neptune_database_cluster_encryption_disabled/metadata.json b/assets/queries/cloudFormation/aws/neptune_database_cluster_encryption_disabled/metadata.json index fcaa5fe8f77..791a64a5aed 100644 --- a/assets/queries/cloudFormation/aws/neptune_database_cluster_encryption_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/neptune_database_cluster_encryption_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "b2c5f5dd", "cloudProvider": "aws", - "cwe": "", + "cwe": "312", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/public_lambda_via_api_gateway/metadata.json b/assets/queries/cloudFormation/aws/public_lambda_via_api_gateway/metadata.json index 987427b0fdb..e203dbfc6eb 100644 --- a/assets/queries/cloudFormation/aws/public_lambda_via_api_gateway/metadata.json +++ b/assets/queries/cloudFormation/aws/public_lambda_via_api_gateway/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "32ccc415", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/rds_associated_with_public_subnet/metadata.json b/assets/queries/cloudFormation/aws/rds_associated_with_public_subnet/metadata.json index ad13275a7d9..08283cf7563 100644 --- a/assets/queries/cloudFormation/aws/rds_associated_with_public_subnet/metadata.json +++ b/assets/queries/cloudFormation/aws/rds_associated_with_public_subnet/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "be2d1742", "cloudProvider": "aws", - "cwe": "", + "cwe": "200", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/rds_db_instance_publicly_accessible/metadata.json b/assets/queries/cloudFormation/aws/rds_db_instance_publicly_accessible/metadata.json index 3649c69f3d7..a0c8cc5118a 100644 --- a/assets/queries/cloudFormation/aws/rds_db_instance_publicly_accessible/metadata.json +++ b/assets/queries/cloudFormation/aws/rds_db_instance_publicly_accessible/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "dae1e8ab", "cloudProvider": "aws", - "cwe": "", + "cwe": "668", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/rds_db_instance_with_deletion_protection_disabled/metadata.json b/assets/queries/cloudFormation/aws/rds_db_instance_with_deletion_protection_disabled/metadata.json index 986502d7792..ef23d74ca65 100644 --- a/assets/queries/cloudFormation/aws/rds_db_instance_with_deletion_protection_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/rds_db_instance_with_deletion_protection_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "606a0602", "cloudProvider": "aws", - "cwe": "" + "cwe": "459" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/rds_multi_az_deployment_disabled/metadata.json b/assets/queries/cloudFormation/aws/rds_multi_az_deployment_disabled/metadata.json index c60db4f8f2d..52ed4b48f42 100644 --- a/assets/queries/cloudFormation/aws/rds_multi_az_deployment_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/rds_multi_az_deployment_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "4bdb6677", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/rds_storage_encryption_disabled/metadata.json b/assets/queries/cloudFormation/aws/rds_storage_encryption_disabled/metadata.json index 0171e30133f..e0d2134a36f 100644 --- a/assets/queries/cloudFormation/aws/rds_storage_encryption_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/rds_storage_encryption_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "654ec248", "cloudProvider": "aws", - "cwe": "", + "cwe": "312", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/rds_storage_not_encrypted/metadata.json b/assets/queries/cloudFormation/aws/rds_storage_not_encrypted/metadata.json index aee5118756b..984f73d6e62 100644 --- a/assets/queries/cloudFormation/aws/rds_storage_not_encrypted/metadata.json +++ b/assets/queries/cloudFormation/aws/rds_storage_not_encrypted/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "f052de92", "cloudProvider": "aws", - "cwe": "" + "cwe": "312" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/rds_using_default_port/metadata.json b/assets/queries/cloudFormation/aws/rds_using_default_port/metadata.json index b156801d81c..b4791c7ee1d 100644 --- a/assets/queries/cloudFormation/aws/rds_using_default_port/metadata.json +++ b/assets/queries/cloudFormation/aws/rds_using_default_port/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "b5d8d0b5", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/rds_with_backup_disabled/metadata.json b/assets/queries/cloudFormation/aws/rds_with_backup_disabled/metadata.json index 85cbd7d34bf..8e1f32d4c4d 100644 --- a/assets/queries/cloudFormation/aws/rds_with_backup_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/rds_with_backup_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "4ebe02ca", "cloudProvider": "aws", - "cwe": "" + "cwe": "754" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/redshift_cluster_logging_disabled/metadata.json b/assets/queries/cloudFormation/aws/redshift_cluster_logging_disabled/metadata.json index c844017ca0b..62b3eca621a 100644 --- a/assets/queries/cloudFormation/aws/redshift_cluster_logging_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/redshift_cluster_logging_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "b84206ae", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/redshift_cluster_without_kms_cmk/metadata.json b/assets/queries/cloudFormation/aws/redshift_cluster_without_kms_cmk/metadata.json index aa85d77b917..41153af7287 100644 --- a/assets/queries/cloudFormation/aws/redshift_cluster_without_kms_cmk/metadata.json +++ b/assets/queries/cloudFormation/aws/redshift_cluster_without_kms_cmk/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "e460a7a7", "cloudProvider": "aws", - "cwe": "", + "cwe": "311", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/redshift_not_encrypted/metadata.json b/assets/queries/cloudFormation/aws/redshift_not_encrypted/metadata.json index 0658761aa1f..d2b4a51cdd7 100644 --- a/assets/queries/cloudFormation/aws/redshift_not_encrypted/metadata.json +++ b/assets/queries/cloudFormation/aws/redshift_not_encrypted/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "5605695c", "cloudProvider": "aws", - "cwe": "" + "cwe": "311" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/redshift_publicly_accessible/metadata.json b/assets/queries/cloudFormation/aws/redshift_publicly_accessible/metadata.json index 8b0700e4fbb..8800e7ecd46 100644 --- a/assets/queries/cloudFormation/aws/redshift_publicly_accessible/metadata.json +++ b/assets/queries/cloudFormation/aws/redshift_publicly_accessible/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "407e0863", "cloudProvider": "aws", - "cwe": "", + "cwe": "284", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/redshift_using_default_port/metadata.json b/assets/queries/cloudFormation/aws/redshift_using_default_port/metadata.json index 47fd792308d..bd14bba52dc 100644 --- a/assets/queries/cloudFormation/aws/redshift_using_default_port/metadata.json +++ b/assets/queries/cloudFormation/aws/redshift_using_default_port/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "e2aa0fb8", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/refresh_token_is_exposed/metadata.json b/assets/queries/cloudFormation/aws/refresh_token_is_exposed/metadata.json index 4fe659e7f53..e245091d7de 100644 --- a/assets/queries/cloudFormation/aws/refresh_token_is_exposed/metadata.json +++ b/assets/queries/cloudFormation/aws/refresh_token_is_exposed/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "c752c5a6", "cloudProvider": "aws", - "cwe": "", + "cwe": "522", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/remote_desktop_port_open_to_internet/metadata.json b/assets/queries/cloudFormation/aws/remote_desktop_port_open_to_internet/metadata.json index 26f621d583f..466a1c1afe6 100644 --- a/assets/queries/cloudFormation/aws/remote_desktop_port_open_to_internet/metadata.json +++ b/assets/queries/cloudFormation/aws/remote_desktop_port_open_to_internet/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "2e4ef03f", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/root_account_has_active_access_keys/metadata.json b/assets/queries/cloudFormation/aws/root_account_has_active_access_keys/metadata.json index f6f584c7b72..37f19ceb07b 100644 --- a/assets/queries/cloudFormation/aws/root_account_has_active_access_keys/metadata.json +++ b/assets/queries/cloudFormation/aws/root_account_has_active_access_keys/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "195ebcdb", "cloudProvider": "aws", - "cwe": "" + "cwe": "710" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/route53_record_undefined/metadata.json b/assets/queries/cloudFormation/aws/route53_record_undefined/metadata.json index 3183d0894d6..2d836f1118f 100644 --- a/assets/queries/cloudFormation/aws/route53_record_undefined/metadata.json +++ b/assets/queries/cloudFormation/aws/route53_record_undefined/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "268f1d77", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/routertable_with_default_routing/metadata.json b/assets/queries/cloudFormation/aws/routertable_with_default_routing/metadata.json index 1328d93f0de..108b5074479 100644 --- a/assets/queries/cloudFormation/aws/routertable_with_default_routing/metadata.json +++ b/assets/queries/cloudFormation/aws/routertable_with_default_routing/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "1f341247", "cloudProvider": "aws", - "cwe": "", + "cwe": "710", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_access_to_any_principal/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_access_to_any_principal/metadata.json index 6540daa7718..a0e1ac12050 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_access_to_any_principal/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_access_to_any_principal/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "9a57423d", "cloudProvider": "aws", - "cwe": "", + "cwe": "284", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_or_write_to_all_users/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_or_write_to_all_users/metadata.json index e5c2b86a2e0..e7d59d78b34 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_or_write_to_all_users/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_or_write_to_all_users/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "68456465", "cloudProvider": "aws", - "cwe": "", + "cwe": "732", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_to_all_users/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_to_all_users/metadata.json index f3e81e65695..d33c31284c0 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_to_all_users/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_to_all_users/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "cfd67020", "cloudProvider": "aws", - "cwe": "" + "cwe": "732" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_to_any_authenticated_user/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_to_any_authenticated_user/metadata.json index b905d2dc2f6..ce33a6b1447 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_to_any_authenticated_user/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_to_any_authenticated_user/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "25d149a4", "cloudProvider": "aws", - "cwe": "" + "cwe": "732" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_allows_delete_actions_from_all_principals/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_allows_delete_actions_from_all_principals/metadata.json index be05f1221f8..733e745bce9 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_allows_delete_actions_from_all_principals/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_allows_delete_actions_from_all_principals/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "0a34aa34", "cloudProvider": "aws", - "cwe": "", + "cwe": "732", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_allows_get_actions_from_all_principals/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_allows_get_actions_from_all_principals/metadata.json index a3acc3c74c9..4e762280aaa 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_allows_get_actions_from_all_principals/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_allows_get_actions_from_all_principals/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "5d8cf376", "cloudProvider": "aws", - "cwe": "" + "cwe": "200" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_allows_list_actions_from_all_principals/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_allows_list_actions_from_all_principals/metadata.json index cafee939c32..7211a2f42a8 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_allows_list_actions_from_all_principals/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_allows_list_actions_from_all_principals/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "755801fc", "cloudProvider": "aws", - "cwe": "" + "cwe": "200" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_allows_public_acl/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_allows_public_acl/metadata.json index 4b05c7961f1..9afb979b1e3 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_allows_public_acl/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_allows_public_acl/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "f962a2d5", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_allows_put_actions_from_all_principals/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_allows_put_actions_from_all_principals/metadata.json index 52df5c4707f..7c616084b44 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_allows_put_actions_from_all_principals/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_allows_put_actions_from_all_principals/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "9d094f81", "cloudProvider": "aws", - "cwe": "", + "cwe": "732", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_allows_restore_actions_from_all_principals/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_allows_restore_actions_from_all_principals/metadata.json index 0b51a6ac54d..0b8e11feb79 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_allows_restore_actions_from_all_principals/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_allows_restore_actions_from_all_principals/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "0a41482e", "cloudProvider": "aws", - "cwe": "" + "cwe": "732" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_cloudtrail_logging_disabled/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_cloudtrail_logging_disabled/metadata.json index b0c2256e1f1..fd922cf472a 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_cloudtrail_logging_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_cloudtrail_logging_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "00649261", "cloudProvider": "aws", - "cwe": "", + "cwe": "778", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_logging_disabled/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_logging_disabled/metadata.json index 849918c97ed..5f6c39d631c 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_logging_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_logging_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "ce3728e6", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_should_have_bucket_policy/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_should_have_bucket_policy/metadata.json index 1aceb38b447..ff3c94b9411 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_should_have_bucket_policy/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_should_have_bucket_policy/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "2b429546", "cloudProvider": "aws", - "cwe": "", + "cwe": "665", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_with_all_permissions/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_with_all_permissions/metadata.json index fe5990a5f46..c806569728c 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_with_all_permissions/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_with_all_permissions/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "65883f5a", "cloudProvider": "aws", - "cwe": "", + "cwe": "732", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_with_public_policy/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_with_public_policy/metadata.json index c893ece6f64..f88fbf6c1dc 100755 --- a/assets/queries/cloudFormation/aws/s3_bucket_with_public_policy/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_with_public_policy/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "bfe99abf", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_with_unsecured_cors_rule/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_with_unsecured_cors_rule/metadata.json index 784c3c4e63b..98c72e9ce48 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_with_unsecured_cors_rule/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_with_unsecured_cors_rule/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "f616509e", "cloudProvider": "aws", - "cwe": "", + "cwe": "710", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_without_ignore_public_acl/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_without_ignore_public_acl/metadata.json index 1136b367d13..828515945cc 100755 --- a/assets/queries/cloudFormation/aws/s3_bucket_without_ignore_public_acl/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_without_ignore_public_acl/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "74146c20", "cloudProvider": "aws", - "cwe": "", + "cwe": "668", "oldSeverity": "LOW" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_without_restriction_of_public_bucket/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_without_restriction_of_public_bucket/metadata.json index b8ce71f590a..a83d9776008 100755 --- a/assets/queries/cloudFormation/aws/s3_bucket_without_restriction_of_public_bucket/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_without_restriction_of_public_bucket/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "f9a4d93a", "cloudProvider": "aws", - "cwe": "", + "cwe": "284", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_without_server_side_encryption/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_without_server_side_encryption/metadata.json index faab71247df..0b86d8360b4 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_without_server_side_encryption/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_without_server_side_encryption/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "314a460b", "cloudProvider": "aws", - "cwe": "" + "cwe": "311" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_without_ssl_in_write_actions/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_without_ssl_in_write_actions/metadata.json index 81314fa57ab..80677c1c6d5 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_without_ssl_in_write_actions/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_without_ssl_in_write_actions/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "907676d7", "cloudProvider": "aws", - "cwe": "", + "cwe": "319", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_bucket_without_versioning/metadata.json b/assets/queries/cloudFormation/aws/s3_bucket_without_versioning/metadata.json index b2842d7b4e9..ae56c435364 100644 --- a/assets/queries/cloudFormation/aws/s3_bucket_without_versioning/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_bucket_without_versioning/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "fe2c56b9", "cloudProvider": "aws", - "cwe": "" + "cwe": "326" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/s3_static_website_host_enabled/metadata.json b/assets/queries/cloudFormation/aws/s3_static_website_host_enabled/metadata.json index 762e864da3f..244b19cf93c 100644 --- a/assets/queries/cloudFormation/aws/s3_static_website_host_enabled/metadata.json +++ b/assets/queries/cloudFormation/aws/s3_static_website_host_enabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "b50aab99", "cloudProvider": "aws", - "cwe": "" + "cwe": "665" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/sagemaker_data_encryption_disabled/metadata.json b/assets/queries/cloudFormation/aws/sagemaker_data_encryption_disabled/metadata.json index da776bca78b..8a507b74c07 100644 --- a/assets/queries/cloudFormation/aws/sagemaker_data_encryption_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/sagemaker_data_encryption_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "41b14673", "cloudProvider": "aws", - "cwe": "" + "cwe": "312" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/sagemaker_enabling_internet_access/metadata.json b/assets/queries/cloudFormation/aws/sagemaker_enabling_internet_access/metadata.json index df379d8e707..ecb18cb1520 100644 --- a/assets/queries/cloudFormation/aws/sagemaker_enabling_internet_access/metadata.json +++ b/assets/queries/cloudFormation/aws/sagemaker_enabling_internet_access/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "6e8543a2", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/sagemaker_endpoint_config_should_specify_kms_key_id_attribute/metadata.json b/assets/queries/cloudFormation/aws/sagemaker_endpoint_config_should_specify_kms_key_id_attribute/metadata.json index 8ce87b0005f..14feb6a6036 100644 --- a/assets/queries/cloudFormation/aws/sagemaker_endpoint_config_should_specify_kms_key_id_attribute/metadata.json +++ b/assets/queries/cloudFormation/aws/sagemaker_endpoint_config_should_specify_kms_key_id_attribute/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "7c9fa4bf", "cloudProvider": "aws", - "cwe": "" + "cwe": "311" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/sagemaker_notebook_not_placed_in_vpc/metadata.json b/assets/queries/cloudFormation/aws/sagemaker_notebook_not_placed_in_vpc/metadata.json index 3c51517677d..5a663b59e10 100644 --- a/assets/queries/cloudFormation/aws/sagemaker_notebook_not_placed_in_vpc/metadata.json +++ b/assets/queries/cloudFormation/aws/sagemaker_notebook_not_placed_in_vpc/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "d062ca53", "cloudProvider": "aws", - "cwe": "", + "cwe": "311", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/sdb_domain_declared_as_a_resource/metadata.json b/assets/queries/cloudFormation/aws/sdb_domain_declared_as_a_resource/metadata.json index 4a84566f484..b3871991a9d 100644 --- a/assets/queries/cloudFormation/aws/sdb_domain_declared_as_a_resource/metadata.json +++ b/assets/queries/cloudFormation/aws/sdb_domain_declared_as_a_resource/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "e6c6a7cf", "cloudProvider": "aws", - "cwe": "" + "cwe": "665" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/secrets_manager_should_specify_kms_key_id/metadata.json b/assets/queries/cloudFormation/aws/secrets_manager_should_specify_kms_key_id/metadata.json index 8ff6d30a77b..a3240c68d67 100644 --- a/assets/queries/cloudFormation/aws/secrets_manager_should_specify_kms_key_id/metadata.json +++ b/assets/queries/cloudFormation/aws/secrets_manager_should_specify_kms_key_id/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "d78bb871", "cloudProvider": "aws", - "cwe": "", + "cwe": "326", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/secure_ciphers_disabled/metadata.json b/assets/queries/cloudFormation/aws/secure_ciphers_disabled/metadata.json index e240895df15..19693b0c389 100644 --- a/assets/queries/cloudFormation/aws/secure_ciphers_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/secure_ciphers_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "9ce51226", "cloudProvider": "aws", - "cwe": "", + "cwe": "326", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/security_group_egress_cidr_open_to_world/metadata.json b/assets/queries/cloudFormation/aws/security_group_egress_cidr_open_to_world/metadata.json index ef6b9ad3076..ee98a3f5de1 100644 --- a/assets/queries/cloudFormation/aws/security_group_egress_cidr_open_to_world/metadata.json +++ b/assets/queries/cloudFormation/aws/security_group_egress_cidr_open_to_world/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "ec506916", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/security_group_egress_with_all_protocols/metadata.json b/assets/queries/cloudFormation/aws/security_group_egress_with_all_protocols/metadata.json index 4097626bd8c..6977d44acab 100644 --- a/assets/queries/cloudFormation/aws/security_group_egress_with_all_protocols/metadata.json +++ b/assets/queries/cloudFormation/aws/security_group_egress_with_all_protocols/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "b3e66493", "cloudProvider": "aws", - "cwe": "" + "cwe": "200" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/security_group_egress_with_port_range/metadata.json b/assets/queries/cloudFormation/aws/security_group_egress_with_port_range/metadata.json index 9abc01e64b1..707dc5f4aa9 100644 --- a/assets/queries/cloudFormation/aws/security_group_egress_with_port_range/metadata.json +++ b/assets/queries/cloudFormation/aws/security_group_egress_with_port_range/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "af27e909", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/security_group_ingress_has_cidr_not_recommended/metadata.json b/assets/queries/cloudFormation/aws/security_group_ingress_has_cidr_not_recommended/metadata.json index 745234f2ec2..365e0c31b36 100644 --- a/assets/queries/cloudFormation/aws/security_group_ingress_has_cidr_not_recommended/metadata.json +++ b/assets/queries/cloudFormation/aws/security_group_ingress_has_cidr_not_recommended/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "443ba8e1", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/security_group_ingress_with_all_protocols/metadata.json b/assets/queries/cloudFormation/aws/security_group_ingress_with_all_protocols/metadata.json index a6569aea7d8..699ce30909e 100644 --- a/assets/queries/cloudFormation/aws/security_group_ingress_with_all_protocols/metadata.json +++ b/assets/queries/cloudFormation/aws/security_group_ingress_with_all_protocols/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "c067ceb5", "cloudProvider": "aws", - "cwe": "" + "cwe": "200" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/security_group_ingress_with_port_range/metadata.json b/assets/queries/cloudFormation/aws/security_group_ingress_with_port_range/metadata.json index e7981e4a023..d46187c57fb 100644 --- a/assets/queries/cloudFormation/aws/security_group_ingress_with_port_range/metadata.json +++ b/assets/queries/cloudFormation/aws/security_group_ingress_with_port_range/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "5f2b65f3", "cloudProvider": "aws", - "cwe": "" + "cwe": "665" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/security_group_rule_without_description/metadata.json b/assets/queries/cloudFormation/aws/security_group_rule_without_description/metadata.json index a247f4c3882..c0576f16e7c 100644 --- a/assets/queries/cloudFormation/aws/security_group_rule_without_description/metadata.json +++ b/assets/queries/cloudFormation/aws/security_group_rule_without_description/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "f7c62b11", "cloudProvider": "aws", - "cwe": "" + "cwe": "710" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/security_groups_allows_unrestricted_outbound_traffic/metadata.json b/assets/queries/cloudFormation/aws/security_groups_allows_unrestricted_outbound_traffic/metadata.json index 6e2f5b92baa..478b94deb22 100644 --- a/assets/queries/cloudFormation/aws/security_groups_allows_unrestricted_outbound_traffic/metadata.json +++ b/assets/queries/cloudFormation/aws/security_groups_allows_unrestricted_outbound_traffic/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "05891eb1", "cloudProvider": "aws", - "cwe": "", + "cwe": "200", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/security_groups_unrestricted_access_to_rdp/metadata.json b/assets/queries/cloudFormation/aws/security_groups_unrestricted_access_to_rdp/metadata.json index d9a1ac8c09c..3a11c281a13 100644 --- a/assets/queries/cloudFormation/aws/security_groups_unrestricted_access_to_rdp/metadata.json +++ b/assets/queries/cloudFormation/aws/security_groups_unrestricted_access_to_rdp/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "ee6a21e3", "cloudProvider": "aws", - "cwe": "" + "cwe": "1188" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/security_groups_with_exhibited_admin_ports/metadata.json b/assets/queries/cloudFormation/aws/security_groups_with_exhibited_admin_ports/metadata.json index 500db42ccca..9a7ad5994ac 100644 --- a/assets/queries/cloudFormation/aws/security_groups_with_exhibited_admin_ports/metadata.json +++ b/assets/queries/cloudFormation/aws/security_groups_with_exhibited_admin_ports/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "e14121d4", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/security_groups_with_meta_ip/metadata.json b/assets/queries/cloudFormation/aws/security_groups_with_meta_ip/metadata.json index 01881403139..8df08525f27 100644 --- a/assets/queries/cloudFormation/aws/security_groups_with_meta_ip/metadata.json +++ b/assets/queries/cloudFormation/aws/security_groups_with_meta_ip/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "868a9ec5", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/security_groups_with_unrestricted_access_to_ssh/metadata.json b/assets/queries/cloudFormation/aws/security_groups_with_unrestricted_access_to_ssh/metadata.json index 7bb63bd326f..a6f7eb84b7f 100644 --- a/assets/queries/cloudFormation/aws/security_groups_with_unrestricted_access_to_ssh/metadata.json +++ b/assets/queries/cloudFormation/aws/security_groups_with_unrestricted_access_to_ssh/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "d515d6dc", "cloudProvider": "aws", - "cwe": "", + "cwe": "284", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/security_groups_without_vpc_attached/metadata.json b/assets/queries/cloudFormation/aws/security_groups_without_vpc_attached/metadata.json index 7a5ac2c5c5a..b409ab848c0 100644 --- a/assets/queries/cloudFormation/aws/security_groups_without_vpc_attached/metadata.json +++ b/assets/queries/cloudFormation/aws/security_groups_without_vpc_attached/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "8664bd98", "cloudProvider": "aws", - "cwe": "", + "cwe": "665", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/shield_advanced_not_in_use/metadata.json b/assets/queries/cloudFormation/aws/shield_advanced_not_in_use/metadata.json index 5dd67aff3f1..b921b13de70 100644 --- a/assets/queries/cloudFormation/aws/shield_advanced_not_in_use/metadata.json +++ b/assets/queries/cloudFormation/aws/shield_advanced_not_in_use/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "ae5e799c", "cloudProvider": "aws", - "cwe": "" + "cwe": "665" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/metadata.json b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/metadata.json index b4aa3d65449..9b0216ddc4f 100644 --- a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/metadata.json +++ b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "93100b84", "cloudProvider": "aws", - "cwe": "", + "cwe": "284", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/sns_topic_publicity_has_allow_and_not_action_simultaneously/metadata.json b/assets/queries/cloudFormation/aws/sns_topic_publicity_has_allow_and_not_action_simultaneously/metadata.json index 74a5b8685fc..f8bdc03b152 100644 --- a/assets/queries/cloudFormation/aws/sns_topic_publicity_has_allow_and_not_action_simultaneously/metadata.json +++ b/assets/queries/cloudFormation/aws/sns_topic_publicity_has_allow_and_not_action_simultaneously/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "a4bd80b0", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/sns_topic_without_kms_master_key_id/metadata.json b/assets/queries/cloudFormation/aws/sns_topic_without_kms_master_key_id/metadata.json index 3746eb93ef6..4d9c0cfcc57 100644 --- a/assets/queries/cloudFormation/aws/sns_topic_without_kms_master_key_id/metadata.json +++ b/assets/queries/cloudFormation/aws/sns_topic_without_kms_master_key_id/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "a8a19ba3", "cloudProvider": "aws", - "cwe": "", + "cwe": "326", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/sqs_policy_with_public_access/metadata.json b/assets/queries/cloudFormation/aws/sqs_policy_with_public_access/metadata.json index 0db55208ef7..8d694aec486 100644 --- a/assets/queries/cloudFormation/aws/sqs_policy_with_public_access/metadata.json +++ b/assets/queries/cloudFormation/aws/sqs_policy_with_public_access/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "a232933e", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/sqs_with_sse_disabled/metadata.json b/assets/queries/cloudFormation/aws/sqs_with_sse_disabled/metadata.json index 85538edb654..c8c61bdcaae 100644 --- a/assets/queries/cloudFormation/aws/sqs_with_sse_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/sqs_with_sse_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "7c3c1b44", "cloudProvider": "aws", - "cwe": "" + "cwe": "319" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/stack_notifications_disabled/metadata.json b/assets/queries/cloudFormation/aws/stack_notifications_disabled/metadata.json index b143ea93647..e078aa13c17 100644 --- a/assets/queries/cloudFormation/aws/stack_notifications_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/stack_notifications_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "1e12925e", "cloudProvider": "aws", - "cwe": "", + "cwe": "778", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/stack_retention_disabled/metadata.json b/assets/queries/cloudFormation/aws/stack_retention_disabled/metadata.json index 7840c35d17c..ee2b0df2d4e 100644 --- a/assets/queries/cloudFormation/aws/stack_retention_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/stack_retention_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "2f8bf223", "cloudProvider": "aws", - "cwe": "" + "cwe": "404" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/support_has_no_role_associated/metadata.json b/assets/queries/cloudFormation/aws/support_has_no_role_associated/metadata.json index 34f3c19eded..ee9886b22f7 100644 --- a/assets/queries/cloudFormation/aws/support_has_no_role_associated/metadata.json +++ b/assets/queries/cloudFormation/aws/support_has_no_role_associated/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "42d28f69", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/tcp_or_udp_protocol_network_acl_entry_allows_all_ports/metadata.json b/assets/queries/cloudFormation/aws/tcp_or_udp_protocol_network_acl_entry_allows_all_ports/metadata.json index 871dac58775..f2c4428d9d4 100644 --- a/assets/queries/cloudFormation/aws/tcp_or_udp_protocol_network_acl_entry_allows_all_ports/metadata.json +++ b/assets/queries/cloudFormation/aws/tcp_or_udp_protocol_network_acl_entry_allows_all_ports/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "51ad2aeb", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } diff --git a/assets/queries/cloudFormation/aws/unknown_port_exposed_to_internet/metadata.json b/assets/queries/cloudFormation/aws/unknown_port_exposed_to_internet/metadata.json index 788b8608881..daf76d9a8ae 100644 --- a/assets/queries/cloudFormation/aws/unknown_port_exposed_to_internet/metadata.json +++ b/assets/queries/cloudFormation/aws/unknown_port_exposed_to_internet/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "0cc0a902", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/unrestricted_security_group_ingress/metadata.json b/assets/queries/cloudFormation/aws/unrestricted_security_group_ingress/metadata.json index 573e715f4b5..8b57f85180d 100644 --- a/assets/queries/cloudFormation/aws/unrestricted_security_group_ingress/metadata.json +++ b/assets/queries/cloudFormation/aws/unrestricted_security_group_ingress/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "08256d31", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/unscanned_ecr_image/metadata.json b/assets/queries/cloudFormation/aws/unscanned_ecr_image/metadata.json index 0ff4cac917e..26ea7f92cff 100644 --- a/assets/queries/cloudFormation/aws/unscanned_ecr_image/metadata.json +++ b/assets/queries/cloudFormation/aws/unscanned_ecr_image/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "f3f139c0", "cloudProvider": "aws", - "cwe": "", + "cwe": "693", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/user_data_contains_encoded_private_key/metadata.json b/assets/queries/cloudFormation/aws/user_data_contains_encoded_private_key/metadata.json index e2c3fc40e1a..1e1265be38f 100644 --- a/assets/queries/cloudFormation/aws/user_data_contains_encoded_private_key/metadata.json +++ b/assets/queries/cloudFormation/aws/user_data_contains_encoded_private_key/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "b8212287", "cloudProvider": "aws", - "cwe": "" + "cwe": "326" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/user_iam_missing_password_reset_required/metadata.json b/assets/queries/cloudFormation/aws/user_iam_missing_password_reset_required/metadata.json index 448f1c94e46..8bc1e39c651 100644 --- a/assets/queries/cloudFormation/aws/user_iam_missing_password_reset_required/metadata.json +++ b/assets/queries/cloudFormation/aws/user_iam_missing_password_reset_required/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "a44edc48", "cloudProvider": "aws", - "cwe": "" + "cwe": "710" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/vpc_attached_with_too_many_gateways/metadata.json b/assets/queries/cloudFormation/aws/vpc_attached_with_too_many_gateways/metadata.json index 886d338fa7b..b36bcf1231a 100644 --- a/assets/queries/cloudFormation/aws/vpc_attached_with_too_many_gateways/metadata.json +++ b/assets/queries/cloudFormation/aws/vpc_attached_with_too_many_gateways/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "1370ae52", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/vpc_flowlogs_disabled/metadata.json b/assets/queries/cloudFormation/aws/vpc_flowlogs_disabled/metadata.json index d43638df4a8..e8186590b42 100644 --- a/assets/queries/cloudFormation/aws/vpc_flowlogs_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/vpc_flowlogs_disabled/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "0fb02ca5", "cloudProvider": "aws", - "cwe": "", + "cwe": "778", "oldSeverity": "LOW" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/vpc_without_attached_subnet/metadata.json b/assets/queries/cloudFormation/aws/vpc_without_attached_subnet/metadata.json index 1ca1e6d6156..9e3ddd1448e 100644 --- a/assets/queries/cloudFormation/aws/vpc_without_attached_subnet/metadata.json +++ b/assets/queries/cloudFormation/aws/vpc_without_attached_subnet/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "23dfbed0", "cloudProvider": "aws", - "cwe": "" + "cwe": "665" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/vpc_without_network_firewall/metadata.json b/assets/queries/cloudFormation/aws/vpc_without_network_firewall/metadata.json index 1599c804e90..01f2e7d6fb1 100644 --- a/assets/queries/cloudFormation/aws/vpc_without_network_firewall/metadata.json +++ b/assets/queries/cloudFormation/aws/vpc_without_network_firewall/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "f090ffd2", "cloudProvider": "aws", - "cwe": "" + "cwe": "665" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/vulnerable_default_ssl_certificate/metadata.json b/assets/queries/cloudFormation/aws/vulnerable_default_ssl_certificate/metadata.json index 193e0970e58..52e27107d6f 100644 --- a/assets/queries/cloudFormation/aws/vulnerable_default_ssl_certificate/metadata.json +++ b/assets/queries/cloudFormation/aws/vulnerable_default_ssl_certificate/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "ee3b82bc", "cloudProvider": "aws", - "cwe": "", + "cwe": "295", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/webacl_allow_defaultaction/metadata.json b/assets/queries/cloudFormation/aws/webacl_allow_defaultaction/metadata.json index a4cd2797a28..a9b97b90e0a 100644 --- a/assets/queries/cloudFormation/aws/webacl_allow_defaultaction/metadata.json +++ b/assets/queries/cloudFormation/aws/webacl_allow_defaultaction/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "e4327168", "cloudProvider": "aws", - "cwe": "" + "cwe": "284" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/wildcard_in_acm_certificate_domain_name/metadata.json b/assets/queries/cloudFormation/aws/wildcard_in_acm_certificate_domain_name/metadata.json index 90cf2b9e243..a574a06bf6f 100644 --- a/assets/queries/cloudFormation/aws/wildcard_in_acm_certificate_domain_name/metadata.json +++ b/assets/queries/cloudFormation/aws/wildcard_in_acm_certificate_domain_name/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "0affe61c", "cloudProvider": "aws", - "cwe": "" + "cwe": "155" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws/workspace_without_encryption/metadata.json b/assets/queries/cloudFormation/aws/workspace_without_encryption/metadata.json index 317f1d6c62f..499761abe71 100644 --- a/assets/queries/cloudFormation/aws/workspace_without_encryption/metadata.json +++ b/assets/queries/cloudFormation/aws/workspace_without_encryption/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "ed0be490", "cloudProvider": "aws", - "cwe": "", + "cwe": "311", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_bom/cassandra/metadata.json b/assets/queries/cloudFormation/aws_bom/cassandra/metadata.json index e60d1750fb8..8a752e671ad 100644 --- a/assets/queries/cloudFormation/aws_bom/cassandra/metadata.json +++ b/assets/queries/cloudFormation/aws_bom/cassandra/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "bd2db07c", "cloudProvider": "aws", - "cwe": "" + "cwe": "532" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_bom/dynamo/metadata.json b/assets/queries/cloudFormation/aws_bom/dynamo/metadata.json index f5759298d7e..fc92ad26c38 100644 --- a/assets/queries/cloudFormation/aws_bom/dynamo/metadata.json +++ b/assets/queries/cloudFormation/aws_bom/dynamo/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "b0d40495", "cloudProvider": "aws", - "cwe": "" + "cwe": "532" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_bom/ebs/metadata.json b/assets/queries/cloudFormation/aws_bom/ebs/metadata.json index cd09b96f3d7..579e72a814e 100644 --- a/assets/queries/cloudFormation/aws_bom/ebs/metadata.json +++ b/assets/queries/cloudFormation/aws_bom/ebs/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "6869b929", "cloudProvider": "aws", - "cwe": "" + "cwe": "532" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_bom/efs/metadata.json b/assets/queries/cloudFormation/aws_bom/efs/metadata.json index 2b42e242649..6d33d61e87a 100644 --- a/assets/queries/cloudFormation/aws_bom/efs/metadata.json +++ b/assets/queries/cloudFormation/aws_bom/efs/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "f6d4e4b8", "cloudProvider": "aws", - "cwe": "" + "cwe": "532" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_bom/elasticache/metadata.json b/assets/queries/cloudFormation/aws_bom/elasticache/metadata.json index d42939392e9..b48f7955eb4 100644 --- a/assets/queries/cloudFormation/aws_bom/elasticache/metadata.json +++ b/assets/queries/cloudFormation/aws_bom/elasticache/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "deea2b5c", "cloudProvider": "aws", - "cwe": "" + "cwe": "532" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_bom/kinesis/metadata.json b/assets/queries/cloudFormation/aws_bom/kinesis/metadata.json index b8c4b514850..961fa67f929 100644 --- a/assets/queries/cloudFormation/aws_bom/kinesis/metadata.json +++ b/assets/queries/cloudFormation/aws_bom/kinesis/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "4b8f3b90", "cloudProvider": "aws", - "cwe": "" + "cwe": "532" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_bom/mq/metadata.json b/assets/queries/cloudFormation/aws_bom/mq/metadata.json index 908e2e7f23c..efa0a661e6e 100644 --- a/assets/queries/cloudFormation/aws_bom/mq/metadata.json +++ b/assets/queries/cloudFormation/aws_bom/mq/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "93a9e162", "cloudProvider": "aws", - "cwe": "" + "cwe": "532" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_bom/msk/metadata.json b/assets/queries/cloudFormation/aws_bom/msk/metadata.json index a43bf5f63e9..3949fcf47dd 100644 --- a/assets/queries/cloudFormation/aws_bom/msk/metadata.json +++ b/assets/queries/cloudFormation/aws_bom/msk/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "7413f967", "cloudProvider": "aws", - "cwe": "" + "cwe": "532" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_bom/rds/metadata.json b/assets/queries/cloudFormation/aws_bom/rds/metadata.json index d4de5916a61..e5fbb4d8307 100644 --- a/assets/queries/cloudFormation/aws_bom/rds/metadata.json +++ b/assets/queries/cloudFormation/aws_bom/rds/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "77215b57", "cloudProvider": "aws", - "cwe": "" + "cwe": "532" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_bom/s3_bucket/metadata.json b/assets/queries/cloudFormation/aws_bom/s3_bucket/metadata.json index 9b3a98dd2e3..eecf9a93378 100644 --- a/assets/queries/cloudFormation/aws_bom/s3_bucket/metadata.json +++ b/assets/queries/cloudFormation/aws_bom/s3_bucket/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "a46851fb", "cloudProvider": "aws", - "cwe": "" + "cwe": "532" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_bom/sns/metadata.json b/assets/queries/cloudFormation/aws_bom/sns/metadata.json index f083d84a9ce..15e0e1c02a0 100644 --- a/assets/queries/cloudFormation/aws_bom/sns/metadata.json +++ b/assets/queries/cloudFormation/aws_bom/sns/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "3cd7a815", "cloudProvider": "aws", - "cwe": "" + "cwe": "532" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_bom/sqs/metadata.json b/assets/queries/cloudFormation/aws_bom/sqs/metadata.json index 5b26719029d..600034554c0 100644 --- a/assets/queries/cloudFormation/aws_bom/sqs/metadata.json +++ b/assets/queries/cloudFormation/aws_bom/sqs/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "c57e306b", "cloudProvider": "aws", - "cwe": "" + "cwe": "532" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_sam/serverless_api_access_logging_setting_undefined/metadata.json b/assets/queries/cloudFormation/aws_sam/serverless_api_access_logging_setting_undefined/metadata.json index 667787125be..1abab5e791b 100644 --- a/assets/queries/cloudFormation/aws_sam/serverless_api_access_logging_setting_undefined/metadata.json +++ b/assets/queries/cloudFormation/aws_sam/serverless_api_access_logging_setting_undefined/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "b2bb4961", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_sam/serverless_api_cache_cluster_disabled/metadata.json b/assets/queries/cloudFormation/aws_sam/serverless_api_cache_cluster_disabled/metadata.json index 12ad0d645d3..c3461d883ad 100644 --- a/assets/queries/cloudFormation/aws_sam/serverless_api_cache_cluster_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws_sam/serverless_api_cache_cluster_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "1ce59cab", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_sam/serverless_api_endpoint_config_not_private/metadata.json b/assets/queries/cloudFormation/aws_sam/serverless_api_endpoint_config_not_private/metadata.json index 613ec5cd1e2..8510b4fc6aa 100644 --- a/assets/queries/cloudFormation/aws_sam/serverless_api_endpoint_config_not_private/metadata.json +++ b/assets/queries/cloudFormation/aws_sam/serverless_api_endpoint_config_not_private/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "f86c03cc", "cloudProvider": "aws", - "cwe": "" + "cwe": "668" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_sam/serverless_api_without_content_encoding/metadata.json b/assets/queries/cloudFormation/aws_sam/serverless_api_without_content_encoding/metadata.json index d9b3cb2675a..68bd5ffee52 100644 --- a/assets/queries/cloudFormation/aws_sam/serverless_api_without_content_encoding/metadata.json +++ b/assets/queries/cloudFormation/aws_sam/serverless_api_without_content_encoding/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "745a11d2", "cloudProvider": "aws", - "cwe": "", + "cwe": "311", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_sam/serverless_api_xray_tracing_disabled/metadata.json b/assets/queries/cloudFormation/aws_sam/serverless_api_xray_tracing_disabled/metadata.json index a403d6f1909..e6eb20f72a5 100644 --- a/assets/queries/cloudFormation/aws_sam/serverless_api_xray_tracing_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws_sam/serverless_api_xray_tracing_disabled/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "ba685b50", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_sam/serverless_function_environment_variables_not_encrypted/metadata.json b/assets/queries/cloudFormation/aws_sam/serverless_function_environment_variables_not_encrypted/metadata.json index 74de2e74d0e..5b600cb894d 100644 --- a/assets/queries/cloudFormation/aws_sam/serverless_function_environment_variables_not_encrypted/metadata.json +++ b/assets/queries/cloudFormation/aws_sam/serverless_function_environment_variables_not_encrypted/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "f218e4bc", "cloudProvider": "aws", - "cwe": "", + "cwe": "526", "oldSeverity": "HIGH" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_sam/serverless_function_without_dead_letter_queue/metadata.json b/assets/queries/cloudFormation/aws_sam/serverless_function_without_dead_letter_queue/metadata.json index ca5a8671543..4a12b676a16 100644 --- a/assets/queries/cloudFormation/aws_sam/serverless_function_without_dead_letter_queue/metadata.json +++ b/assets/queries/cloudFormation/aws_sam/serverless_function_without_dead_letter_queue/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "1142bb9f", "cloudProvider": "aws", - "cwe": "" + "cwe": "390" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_sam/serverless_function_without_tags/metadata.json b/assets/queries/cloudFormation/aws_sam/serverless_function_without_tags/metadata.json index b4a2662120c..496e781b7e0 100644 --- a/assets/queries/cloudFormation/aws_sam/serverless_function_without_tags/metadata.json +++ b/assets/queries/cloudFormation/aws_sam/serverless_function_without_tags/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "fa1b224c", "cloudProvider": "aws", - "cwe": "", + "cwe": "665", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_sam/serverless_function_without_unique_iam_role/metadata.json b/assets/queries/cloudFormation/aws_sam/serverless_function_without_unique_iam_role/metadata.json index ec393a1aaaf..3799267b0e6 100644 --- a/assets/queries/cloudFormation/aws_sam/serverless_function_without_unique_iam_role/metadata.json +++ b/assets/queries/cloudFormation/aws_sam/serverless_function_without_unique_iam_role/metadata.json @@ -8,6 +8,6 @@ "platform": "CloudFormation", "descriptionID": "50e760ce", "cloudProvider": "aws", - "cwe": "", + "cwe": "269", "oldSeverity": "MEDIUM" } \ No newline at end of file diff --git a/assets/queries/cloudFormation/aws_sam/serverless_function_without_x-ray_tracing/metadata.json b/assets/queries/cloudFormation/aws_sam/serverless_function_without_x-ray_tracing/metadata.json index fa6a9b45046..458ef2be317 100644 --- a/assets/queries/cloudFormation/aws_sam/serverless_function_without_x-ray_tracing/metadata.json +++ b/assets/queries/cloudFormation/aws_sam/serverless_function_without_x-ray_tracing/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "b0a83f52", "cloudProvider": "aws", - "cwe": "" + "cwe": "778" } \ No newline at end of file From 95732f2182f91b276d2f2851a6233d3b1267b53b Mon Sep 17 00:00:00 2001 From: Artur Ribeiro Date: Tue, 2 Jul 2024 17:24:21 +0100 Subject: [PATCH 2/3] update e2e with cwe infos --- e2e/fixtures/E2E_CLI_032_RESULT.json | 15 +++++++++++++++ e2e/fixtures/E2E_CLI_036_RESULT.json | 13 +++++++++++++ e2e/fixtures/E2E_CLI_036_RESULT_2.json | 1 + e2e/fixtures/E2E_CLI_092_RESULT.json | 7 +++++++ 4 files changed, 36 insertions(+) diff --git a/e2e/fixtures/E2E_CLI_032_RESULT.json b/e2e/fixtures/E2E_CLI_032_RESULT.json index cd00b4d1138..785af40b9cb 100644 --- a/e2e/fixtures/E2E_CLI_032_RESULT.json +++ b/e2e/fixtures/E2E_CLI_032_RESULT.json @@ -32,6 +32,7 @@ "query_url": "https://docs.aws.amazon.com/AmazonECS/latest/developerguide/get-set-up-for-amazon-ecs.html#create-a-base-security-group", "severity": "HIGH", "platform": "CloudFormation", + "cwe": "668", "cloud_provider": "AWS", "category": "Networking and Firewall", "experimental": false, @@ -122,6 +123,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html", "severity": "HIGH", "platform": "CloudFormation", + "cwe": "668", "cloud_provider": "AWS", "category": "Networking and Firewall", "experimental": false, @@ -162,6 +164,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafregional-webaclassociation.html", "severity": "MEDIUM", "platform": "CloudFormation", + "cwe": "778", "cloud_provider": "AWS", "category": "Networking and Firewall", "experimental": false, @@ -189,6 +192,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb-listener.html#cfn-ec2-elb-listener-protocol", "severity": "MEDIUM", "platform": "CloudFormation", + "cwe": "319", "cloud_provider": "AWS", "category": "Networking and Firewall", "experimental": false, @@ -216,6 +220,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-group.html", "severity": "MEDIUM", "platform": "CloudFormation", + "cwe": "400", "cloud_provider": "AWS", "category": "Availability", "experimental": false, @@ -243,6 +248,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-taskdefinition.html#cfn-ecs-taskdefinition-networkmode", "severity": "MEDIUM", "platform": "CloudFormation", + "cwe": "665", "cloud_provider": "AWS", "category": "Insecure Configurations", "experimental": false, @@ -270,6 +276,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#cfn-ec2-securitygroup-securitygroupingress", "severity": "MEDIUM", "platform": "CloudFormation", + "cwe": "665", "cloud_provider": "AWS", "category": "Networking and Firewall", "experimental": false, @@ -297,6 +304,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#cfn-ec2-securitygroup-securitygroupegress", "severity": "MEDIUM", "platform": "CloudFormation", + "cwe": "665", "cloud_provider": "AWS", "category": "Networking and Firewall", "experimental": false, @@ -324,6 +332,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html", "severity": "MEDIUM", "platform": "CloudFormation", + "cwe": "665", "cloud_provider": "AWS", "category": "Access Control", "experimental": false, @@ -351,6 +360,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html", "severity": "MEDIUM", "platform": "CloudFormation", + "cwe": "665", "cloud_provider": "AWS", "category": "Networking and Firewall", "experimental": false, @@ -404,6 +414,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html#cfn-ecs-service-deploymentconfiguration", "severity": "LOW", "platform": "CloudFormation", + "cwe": "665", "cloud_provider": "AWS", "category": "Availability", "experimental": false, @@ -431,6 +442,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-taskdefinition-healthcheck.html", "severity": "LOW", "platform": "CloudFormation", + "cwe": "778", "cloud_provider": "AWS", "category": "Observability", "experimental": false, @@ -471,6 +483,7 @@ "query_url": "https://docs.amazonaws.cn/en_us/AWSCloudFormation/latest/UserGuide/aws-resource-accessanalyzer-analyzer.html", "severity": "LOW", "platform": "CloudFormation", + "cwe": "778", "cloud_provider": "AWS", "category": "Best Practices", "experimental": false, @@ -498,6 +511,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-secretsmanager-secret.html", "severity": "LOW", "platform": "CloudFormation", + "cwe": "326", "cloud_provider": "AWS", "category": "Secret Management", "experimental": false, @@ -525,6 +539,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html", "severity": "INFO", "platform": "CloudFormation", + "cwe": "710", "cloud_provider": "AWS", "category": "Best Practices", "experimental": false, diff --git a/e2e/fixtures/E2E_CLI_036_RESULT.json b/e2e/fixtures/E2E_CLI_036_RESULT.json index 4d1d32d0abe..29860a08d08 100644 --- a/e2e/fixtures/E2E_CLI_036_RESULT.json +++ b/e2e/fixtures/E2E_CLI_036_RESULT.json @@ -32,6 +32,7 @@ "query_url": "https://docs.aws.amazon.com/AmazonECS/latest/developerguide/get-set-up-for-amazon-ecs.html#create-a-base-security-group", "severity": "HIGH", "platform": "CloudFormation", + "cwe": "668", "cloud_provider": "AWS", "category": "Networking and Firewall", "experimental": false, @@ -72,6 +73,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html", "severity": "HIGH", "platform": "CloudFormation", + "cwe": "668", "cloud_provider": "AWS", "category": "Networking and Firewall", "experimental": false, @@ -112,6 +114,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafregional-webaclassociation.html", "severity": "MEDIUM", "platform": "CloudFormation", + "cwe": "778", "cloud_provider": "AWS", "category": "Networking and Firewall", "experimental": false, @@ -139,6 +142,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb-listener.html#cfn-ec2-elb-listener-protocol", "severity": "MEDIUM", "platform": "CloudFormation", + "cwe": "778", "cloud_provider": "AWS", "category": "Networking and Firewall", "experimental": false, @@ -166,6 +170,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-group.html", "severity": "MEDIUM", "platform": "CloudFormation", + "cwe": "400", "cloud_provider": "AWS", "category": "Availability", "experimental": false, @@ -193,6 +198,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-taskdefinition.html#cfn-ecs-taskdefinition-networkmode", "severity": "MEDIUM", "platform": "CloudFormation", + "cwe": "665", "cloud_provider": "AWS", "category": "Insecure Configurations", "experimental": false, @@ -220,6 +226,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#cfn-ec2-securitygroup-securitygroupingress", "severity": "MEDIUM", "platform": "CloudFormation", + "cwe": "665", "cloud_provider": "AWS", "category": "Networking and Firewall", "experimental": false, @@ -247,6 +254,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#cfn-ec2-securitygroup-securitygroupegress", "severity": "MEDIUM", "platform": "CloudFormation", + "cwe": "665", "cloud_provider": "AWS", "category": "Networking and Firewall", "experimental": false, @@ -274,6 +282,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html", "severity": "MEDIUM", "platform": "CloudFormation", + "cwe": "665", "cloud_provider": "AWS", "category": "Access Control", "experimental": false, @@ -302,6 +311,7 @@ "severity": "MEDIUM", "platform": "CloudFormation", "cloud_provider": "AWS", + "cwe": "665", "category": "Networking and Firewall", "experimental": false, "description": "AWS Security Group Ingress should have a single port", @@ -354,6 +364,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html#cfn-ecs-service-deploymentconfiguration", "severity": "LOW", "platform": "CloudFormation", + "cwe": "665", "cloud_provider": "AWS", "category": "Availability", "experimental": false, @@ -381,6 +392,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-taskdefinition-healthcheck.html", "severity": "LOW", "platform": "CloudFormation", + "cwe": "778", "cloud_provider": "AWS", "category": "Observability", "experimental": false, @@ -421,6 +433,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html", "severity": "INFO", "platform": "CloudFormation", + "cwe": "710", "cloud_provider": "AWS", "category": "Best Practices", "experimental": false, diff --git a/e2e/fixtures/E2E_CLI_036_RESULT_2.json b/e2e/fixtures/E2E_CLI_036_RESULT_2.json index b7c73f9d331..f716e88ec5a 100644 --- a/e2e/fixtures/E2E_CLI_036_RESULT_2.json +++ b/e2e/fixtures/E2E_CLI_036_RESULT_2.json @@ -32,6 +32,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html", "severity": "MEDIUM", "platform": "CloudFormation", + "cwe": "665", "cloud_provider": "AWS", "category": "Networking and Firewall", "experimental": false, diff --git a/e2e/fixtures/E2E_CLI_092_RESULT.json b/e2e/fixtures/E2E_CLI_092_RESULT.json index 9c6dcb59048..bddc0661f41 100644 --- a/e2e/fixtures/E2E_CLI_092_RESULT.json +++ b/e2e/fixtures/E2E_CLI_092_RESULT.json @@ -32,6 +32,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html", "severity": "HIGH", "platform": "CloudFormation", + "cwe": "312", "cloud_provider": "AWS", "category": "Encryption", "experimental": false, @@ -59,6 +60,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html", "severity": "HIGH", "platform": "CloudFormation", + "cwe": "312", "cloud_provider": "AWS", "category": "Encryption", "experimental": false, @@ -86,6 +88,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html", "severity": "MEDIUM", "platform": "CloudFormation", + "cwe": "284", "cloud_provider": "AWS", "category": "Availability", "experimental": false, @@ -113,6 +116,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html", "severity": "LOW", "platform": "CloudFormation", + "cwe": "710", "cloud_provider": "AWS", "category": "Best Practices", "experimental": false, @@ -140,6 +144,7 @@ "query_url": "https://docs.amazonaws.cn/en_us/AWSCloudFormation/latest/UserGuide/aws-resource-accessanalyzer-analyzer.html", "severity": "LOW", "platform": "CloudFormation", + "cwe": "778", "cloud_provider": "AWS", "category": "Best Practices", "experimental": false, @@ -167,6 +172,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html", "severity": "LOW", "platform": "CloudFormation", + "cwe": "778", "cloud_provider": "AWS", "category": "Backup", "experimental": false, @@ -194,6 +200,7 @@ "query_url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-deletionprotection", "severity": "LOW", "platform": "CloudFormation", + "cwe": "459", "cloud_provider": "AWS", "category": "Backup", "experimental": false, From 647e0f2a725f6b2b8463703ded2164051f77c87a Mon Sep 17 00:00:00 2001 From: Artur Ribeiro Date: Wed, 18 Sep 2024 15:54:29 +0100 Subject: [PATCH 3/3] add missing cwe to cloudformation query --- .../metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/assets/queries/cloudFormation/aws/dynamodb_with_table_billing_mode_not_recommended/metadata.json b/assets/queries/cloudFormation/aws/dynamodb_with_table_billing_mode_not_recommended/metadata.json index 2d8f15bf408..7f4b9323342 100644 --- a/assets/queries/cloudFormation/aws/dynamodb_with_table_billing_mode_not_recommended/metadata.json +++ b/assets/queries/cloudFormation/aws/dynamodb_with_table_billing_mode_not_recommended/metadata.json @@ -8,5 +8,5 @@ "platform": "CloudFormation", "descriptionID": "2a9dc4de", "cloudProvider": "aws", - "cwe": "" + "cwe": "913" } \ No newline at end of file