Changed inventory vulnerabilities references to links

CHANGELOG.md

@@ -20,6 +20,7 @@ All notable changes to the Wazuh app project will be documented in this file.
 - Change the text of the query limit tooltip [#6981](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6981)
 - Upgraded the `axios` dependency to `1.7.4` [#6919](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6919)
 - Improved MITRE ATT&CK intelligence flyout details readability [#6954](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6954)
+- Changed vulnerabilities.reference to links in Vulnerability Detection > Inventory columns [#6960](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6960)
 
 ## Wazuh v4.9.0 - OpenSearch Dashboards 2.13.0 - Revision 07
 

plugins/main/public/components/common/wazuh-discover/render-columns.tsx

@@ -1,5 +1,5 @@
 import React from 'react';
-import { EuiText } from '@elastic/eui';
+import { EuiText, EuiLink, EuiToolTip } from '@elastic/eui';
 import { tDataGridRenderColumn } from '../data-grid';
 import {
  endpointSummary,
@@ -79,6 +79,36 @@ export const wzDiscoverRenderColumns: tDataGridRenderColumn[] = [
  );
  },
  },
+ {
+ id: 'vulnerability.reference',
+ render: value => {
+ const links = (
+ <>
+ {/* We separated the reference value since it is a string separated by
+ commas, causing an issue when returning 2 links. */}
+ {value?.split(', ').map((link, index) => (
+ <span key={index}>
+ {!!index && ', '}
+ <EuiToolTip
+ position='top'
+ content='Navigate to the vulnerability reference'
+ >
+ <EuiLink
+ href={link}
+ target='_blank'
+ rel='noopener noreferrer'
+ external
+ >
+ {link}
+ </EuiLink>
+ </EuiToolTip>
+ </span>
+ ))}
+ </>
+ );
+ return links;
+ },
+ },
  {
  id: 'rule.id',
  render: value => (

scripts/vulnerabilities-events-injector/dataInjectScript.py

@@ -103,14 +103,22 @@ def generateRandomTags():
  tags.append('tag{}'.format(random.randint(0, 99)))
  return(tags)
 
+#Sometimes vulnerability.reference contains 2 links; this function mocks it.
+def generateRandomReference(vulnerability_id):
+ reference = 'https://mycve.test.org/cgi-bin/cvename.cgi?name={}'.format(vulnerability_id)
+ if random.choice([True, False]):
+ return '{0}, {0}'.format(reference)
+ else:
+ return reference
+
 def generateRandomVulnerability():
  vulnerability = {}
  vulnerability['category'] = random.choice(['security','config','os','package','custom'])
  vulnerability['classification'] = 'classification{}'.format(random.randint(0, 9999))
  vulnerability['description'] = 'description{}'.format(random.randint(0, 9999))
  vulnerability['enumeration'] = 'CVE'
  vulnerability['id'] = 'CVE-{}'.format(random.randint(0, 9999))
- vulnerability['reference'] = 'https://mycve.test.org/cgi-bin/cvename.cgi?name={}'.format(vulnerability['id'])
+ vulnerability['reference'] = generateRandomReference(vulnerability['id'])
  vulnerability['report_id'] = 'report-{}'.format(random.randint(0, 9999))
  vulnerability['scanner'] = {'vendor':'vendor-{}'.format(random.randint(0, 9))}
  vulnerability['score'] = {'base':round(random.uniform(0, 10),1), 'environmental':round(random.uniform(0, 10),1), 'temporal':round(random.uniform(0, 10),1),'version':'{}'.format(round(random.uniform(0, 10),1))}