Needed Support for CWE info in AWS Inspector findings (wrapped in scantype as AWS Security Hub) and Aquasec findings

Question

Needed Support for CWE info in AWS Inspector findings (wrapped in scantype as AWS Security Hub) and Aquasec findings

mahesh-ppro opened this issue 3 months ago · 1 comments

Hello Team,
I was curious about the cwe field in the aquasec scans as well as AWS security hub scans. The field with name cwe_info is further in the chain getting transformed into cwe which is shown on the UI. But it expects a cwe number alone. Even if we provide that as a part of scan_report file it gets ignored and not shown on UI. Does that field not handled properly in the downstream processing ?
Note : If we provide the cwe number by editing the finding from the UI itself then it works like a charm.

Could someone please shed some light on this ?

Thank you so much in advance

Answer 1 · 2024-09-25T17:46:37.000Z

Do you have a sample file? Then, I can help you