From 793ccf9aba4b68c6636e7cd19f6eb9508abdef64 Mon Sep 17 00:00:00 2001
From: Artur Ribeiro <artur.ribeiro@checkmarx.com>
Date: Sat, 29 Jun 2024 23:38:29 +0100
Subject: [PATCH] add cwe infos to all crossplane queries

---
 .../crossplane/aws/cloudfront_logging_disabled/metadata.json   | 2 +-
 .../cloudfront_without_minimum_protocol_tls_1.2/metadata.json  | 2 +-
 .../crossplane/aws/cloudfront_without_waf/metadata.json        | 2 +-
 .../metadata.json                                              | 2 +-
 .../aws/db_instance_storage_not_encrypted/metadata.json        | 2 +-
 .../aws/db_security_group_has_public_interface/metadata.json   | 2 +-
 .../crossplane/aws/docdb_logging_disabled/metadata.json        | 2 +-
 .../ecs_cluster_with_container_insights_disabled/metadata.json | 3 ++-
 assets/queries/crossplane/aws/efs_not_encrypted/metadata.json  | 2 +-
 assets/queries/crossplane/aws/efs_without_kms/metadata.json    | 2 +-
 .../crossplane/aws/elb_using_weak_ciphers/metadata.json        | 2 +-
 .../neptune_database_cluster_encryption_disabled/metadata.json | 2 +-
 .../aws/rds_db_instance_publicly_accessible/metadata.json      | 2 +-
 .../queries/crossplane/aws/sqs_with_sse_disabled/metadata.json | 2 +-
 .../queries/crossplane/azure/aks_rbac_disabled/metadata.json   | 2 +-
 .../azure/redis_cache_allows_non_ssl_connections/metadata.json | 2 +-
 .../gcp/cloud_storage_bucket_logging_not_enabled/metadata.json | 2 +-
 .../metadata.json                                              | 2 +-
 18 files changed, 19 insertions(+), 18 deletions(-)

diff --git a/assets/queries/crossplane/aws/cloudfront_logging_disabled/metadata.json b/assets/queries/crossplane/aws/cloudfront_logging_disabled/metadata.json
index f65591bcd9f..5f184c06363 100644
--- a/assets/queries/crossplane/aws/cloudfront_logging_disabled/metadata.json
+++ b/assets/queries/crossplane/aws/cloudfront_logging_disabled/metadata.json
@@ -8,5 +8,5 @@
   "platform": "Crossplane",
   "descriptionID": "48cd0b5a",
   "cloudProvider": "aws",
-  "cwe": ""
+  "cwe": "778"
 }
\ No newline at end of file
diff --git a/assets/queries/crossplane/aws/cloudfront_without_minimum_protocol_tls_1.2/metadata.json b/assets/queries/crossplane/aws/cloudfront_without_minimum_protocol_tls_1.2/metadata.json
index 07222d6bc85..c589ffb69b1 100644
--- a/assets/queries/crossplane/aws/cloudfront_without_minimum_protocol_tls_1.2/metadata.json
+++ b/assets/queries/crossplane/aws/cloudfront_without_minimum_protocol_tls_1.2/metadata.json
@@ -8,6 +8,6 @@
   "platform": "Crossplane",
   "descriptionID": "11cca65a",
   "cloudProvider": "aws",
-  "cwe": "",
+  "cwe": "326",
   "oldSeverity": "HIGH"
 }
\ No newline at end of file
diff --git a/assets/queries/crossplane/aws/cloudfront_without_waf/metadata.json b/assets/queries/crossplane/aws/cloudfront_without_waf/metadata.json
index b61de67684e..1b2d3dceaba 100644
--- a/assets/queries/crossplane/aws/cloudfront_without_waf/metadata.json
+++ b/assets/queries/crossplane/aws/cloudfront_without_waf/metadata.json
@@ -8,6 +8,6 @@
   "platform": "Crossplane",
   "descriptionID": "c5493606",
   "cloudProvider": "aws",
-  "cwe": "",
+  "cwe": "285",
   "oldSeverity": "LOW"
 }
\ No newline at end of file
diff --git a/assets/queries/crossplane/aws/cloudwatch_without_retention_period_specified/metadata.json b/assets/queries/crossplane/aws/cloudwatch_without_retention_period_specified/metadata.json
index 611acb8984a..d254a94571f 100644
--- a/assets/queries/crossplane/aws/cloudwatch_without_retention_period_specified/metadata.json
+++ b/assets/queries/crossplane/aws/cloudwatch_without_retention_period_specified/metadata.json
@@ -8,6 +8,6 @@
   "platform": "Crossplane",
   "descriptionID": "9ce0c6f8",
   "cloudProvider": "aws",
-  "cwe": "",
+  "cwe": "778",
   "oldSeverity": "MEDIUM"
 }
\ No newline at end of file
diff --git a/assets/queries/crossplane/aws/db_instance_storage_not_encrypted/metadata.json b/assets/queries/crossplane/aws/db_instance_storage_not_encrypted/metadata.json
index 2bdaff601e0..b849b5be1fa 100644
--- a/assets/queries/crossplane/aws/db_instance_storage_not_encrypted/metadata.json
+++ b/assets/queries/crossplane/aws/db_instance_storage_not_encrypted/metadata.json
@@ -8,5 +8,5 @@
   "platform": "Crossplane",
   "descriptionID": "e40c8a7e",
   "cloudProvider": "aws",
-  "cwe": ""
+  "cwe": "311"
 }
\ No newline at end of file
diff --git a/assets/queries/crossplane/aws/db_security_group_has_public_interface/metadata.json b/assets/queries/crossplane/aws/db_security_group_has_public_interface/metadata.json
index df07f5a179a..1ce858d4abf 100644
--- a/assets/queries/crossplane/aws/db_security_group_has_public_interface/metadata.json
+++ b/assets/queries/crossplane/aws/db_security_group_has_public_interface/metadata.json
@@ -8,5 +8,5 @@
   "platform": "Crossplane",
   "descriptionID": "c26de1ff",
   "cloudProvider": "aws",
-  "cwe": ""
+  "cwe": "284"
 }
\ No newline at end of file
diff --git a/assets/queries/crossplane/aws/docdb_logging_disabled/metadata.json b/assets/queries/crossplane/aws/docdb_logging_disabled/metadata.json
index 55ff5c8bb74..e827296e80c 100644
--- a/assets/queries/crossplane/aws/docdb_logging_disabled/metadata.json
+++ b/assets/queries/crossplane/aws/docdb_logging_disabled/metadata.json
@@ -8,6 +8,6 @@
   "platform": "Crossplane",
   "descriptionID": "60b6794e",
   "cloudProvider": "aws",
-  "cwe": "",
+  "cwe": "778",
   "oldSeverity": "LOW"
 }
\ No newline at end of file
diff --git a/assets/queries/crossplane/aws/ecs_cluster_with_container_insights_disabled/metadata.json b/assets/queries/crossplane/aws/ecs_cluster_with_container_insights_disabled/metadata.json
index d9ad876d045..1a4f2150fa7 100644
--- a/assets/queries/crossplane/aws/ecs_cluster_with_container_insights_disabled/metadata.json
+++ b/assets/queries/crossplane/aws/ecs_cluster_with_container_insights_disabled/metadata.json
@@ -7,5 +7,6 @@
   "descriptionUrl": "https://doc.crds.dev/github.com/crossplane/provider-aws/ecs.aws.crossplane.io/Cluster/v1alpha1@v0.42.0#spec-forProvider-settings",
   "platform": "Crossplane",
   "descriptionID": "a6911ebd",
-	"cloudProvider": "aws"
+	"cloudProvider": "aws",
+  "cwe": "778"
 }
diff --git a/assets/queries/crossplane/aws/efs_not_encrypted/metadata.json b/assets/queries/crossplane/aws/efs_not_encrypted/metadata.json
index 72fb751aa42..6fe67fbc68a 100644
--- a/assets/queries/crossplane/aws/efs_not_encrypted/metadata.json
+++ b/assets/queries/crossplane/aws/efs_not_encrypted/metadata.json
@@ -8,5 +8,5 @@
   "platform": "Crossplane",
   "descriptionID": "de7bf263",
   "cloudProvider": "aws",
-  "cwe": ""
+  "cwe": "311"
 }
\ No newline at end of file
diff --git a/assets/queries/crossplane/aws/efs_without_kms/metadata.json b/assets/queries/crossplane/aws/efs_without_kms/metadata.json
index d70b287539e..39cba4a2a17 100644
--- a/assets/queries/crossplane/aws/efs_without_kms/metadata.json
+++ b/assets/queries/crossplane/aws/efs_without_kms/metadata.json
@@ -8,6 +8,6 @@
   "platform": "Crossplane",
   "descriptionID": "2643a873",
   "cloudProvider": "aws",
-  "cwe": "",
+  "cwe": "311",
   "oldSeverity": "HIGH"
 }
\ No newline at end of file
diff --git a/assets/queries/crossplane/aws/elb_using_weak_ciphers/metadata.json b/assets/queries/crossplane/aws/elb_using_weak_ciphers/metadata.json
index 27a13f236cc..707bebf0355 100644
--- a/assets/queries/crossplane/aws/elb_using_weak_ciphers/metadata.json
+++ b/assets/queries/crossplane/aws/elb_using_weak_ciphers/metadata.json
@@ -8,5 +8,5 @@
   "platform": "Crossplane",
   "descriptionID": "53318133",
   "cloudProvider": "aws",
-  "cwe": ""
+  "cwe": "326"
 }
\ No newline at end of file
diff --git a/assets/queries/crossplane/aws/neptune_database_cluster_encryption_disabled/metadata.json b/assets/queries/crossplane/aws/neptune_database_cluster_encryption_disabled/metadata.json
index 5933bd2178b..fa911329ea3 100644
--- a/assets/queries/crossplane/aws/neptune_database_cluster_encryption_disabled/metadata.json
+++ b/assets/queries/crossplane/aws/neptune_database_cluster_encryption_disabled/metadata.json
@@ -8,6 +8,6 @@
   "platform": "Crossplane",
   "descriptionID": "f7998100",
   "cloudProvider": "aws",
-  "cwe": "",
+  "cwe": "311",
   "oldSeverity": "MEDIUM"
 }
\ No newline at end of file
diff --git a/assets/queries/crossplane/aws/rds_db_instance_publicly_accessible/metadata.json b/assets/queries/crossplane/aws/rds_db_instance_publicly_accessible/metadata.json
index a8a6423c6f6..2df853c1637 100644
--- a/assets/queries/crossplane/aws/rds_db_instance_publicly_accessible/metadata.json
+++ b/assets/queries/crossplane/aws/rds_db_instance_publicly_accessible/metadata.json
@@ -8,6 +8,6 @@
   "platform": "Crossplane",
   "descriptionID": "d7566b63",
   "cloudProvider": "aws",
-  "cwe": "",
+  "cwe": "284",
   "oldSeverity": "HIGH"
 }
\ No newline at end of file
diff --git a/assets/queries/crossplane/aws/sqs_with_sse_disabled/metadata.json b/assets/queries/crossplane/aws/sqs_with_sse_disabled/metadata.json
index 006e1898535..5dcfea0ca57 100644
--- a/assets/queries/crossplane/aws/sqs_with_sse_disabled/metadata.json
+++ b/assets/queries/crossplane/aws/sqs_with_sse_disabled/metadata.json
@@ -8,5 +8,5 @@
   "platform": "Crossplane",
   "descriptionID": "ed3868e0",
   "cloudProvider": "aws",
-  "cwe": ""
+  "cwe": "319"
 }
\ No newline at end of file
diff --git a/assets/queries/crossplane/azure/aks_rbac_disabled/metadata.json b/assets/queries/crossplane/azure/aks_rbac_disabled/metadata.json
index 97c12c9c90b..35ea7555737 100644
--- a/assets/queries/crossplane/azure/aks_rbac_disabled/metadata.json
+++ b/assets/queries/crossplane/azure/aks_rbac_disabled/metadata.json
@@ -8,5 +8,5 @@
   "platform": "Crossplane",
   "descriptionID": "b9f4440e",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "311"
 }
\ No newline at end of file
diff --git a/assets/queries/crossplane/azure/redis_cache_allows_non_ssl_connections/metadata.json b/assets/queries/crossplane/azure/redis_cache_allows_non_ssl_connections/metadata.json
index 46a3aa51d65..1c51935be46 100644
--- a/assets/queries/crossplane/azure/redis_cache_allows_non_ssl_connections/metadata.json
+++ b/assets/queries/crossplane/azure/redis_cache_allows_non_ssl_connections/metadata.json
@@ -8,5 +8,5 @@
   "platform": "Crossplane",
   "descriptionID": "d7cbff51",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "250"
 }
\ No newline at end of file
diff --git a/assets/queries/crossplane/gcp/cloud_storage_bucket_logging_not_enabled/metadata.json b/assets/queries/crossplane/gcp/cloud_storage_bucket_logging_not_enabled/metadata.json
index e71f752d9b7..af133c825ec 100644
--- a/assets/queries/crossplane/gcp/cloud_storage_bucket_logging_not_enabled/metadata.json
+++ b/assets/queries/crossplane/gcp/cloud_storage_bucket_logging_not_enabled/metadata.json
@@ -8,6 +8,6 @@
   "platform": "Crossplane",
   "descriptionID": "49295adb",
   "cloudProvider": "gcp",
-  "cwe": "",
+  "cwe": "778",
   "oldSeverity": "HIGH"
 }
\ No newline at end of file
diff --git a/assets/queries/crossplane/gcp/google_container_node_pool_auto_repair_disabled/metadata.json b/assets/queries/crossplane/gcp/google_container_node_pool_auto_repair_disabled/metadata.json
index a7f0b9e3acd..1c935cb1585 100644
--- a/assets/queries/crossplane/gcp/google_container_node_pool_auto_repair_disabled/metadata.json
+++ b/assets/queries/crossplane/gcp/google_container_node_pool_auto_repair_disabled/metadata.json
@@ -8,5 +8,5 @@
   "platform": "Crossplane",
   "descriptionID": "bc1c198b",
   "cloudProvider": "gcp",
-  "cwe": ""
+  "cwe": "703"
 }
\ No newline at end of file