From 31402cf27ea928bdd397271d171a0c9ef78cd16d Mon Sep 17 00:00:00 2001 From: rmurray-r7 Date: Wed, 12 Feb 2025 13:33:17 +0000 Subject: [PATCH] Snyk and SDK for Cisco 2.1.4 (#3128) (#3129) --- plugins/cisco_firepower_management_center/.CHECKSUM | 6 +++--- plugins/cisco_firepower_management_center/Dockerfile | 4 ++-- .../bin/icon_cisco_firepower_management_center | 4 ++-- plugins/cisco_firepower_management_center/help.md | 5 +++-- .../cisco_firepower_management_center/plugin.spec.yaml | 10 ++++++---- .../cisco_firepower_management_center/requirements.txt | 2 +- plugins/cisco_firepower_management_center/setup.py | 4 ++-- 7 files changed, 19 insertions(+), 16 deletions(-) diff --git a/plugins/cisco_firepower_management_center/.CHECKSUM b/plugins/cisco_firepower_management_center/.CHECKSUM index 64612641ea..c2dbf50a3a 100644 --- a/plugins/cisco_firepower_management_center/.CHECKSUM +++ b/plugins/cisco_firepower_management_center/.CHECKSUM @@ -1,7 +1,7 @@ { - "spec": "774ec03d980ddd7c2fb6eb19444a6e54", - "manifest": "8686336471e7ed58bc3ffc89ee013259", - "setup": "5e29d63e7a3bbaf0287f36401d3a3707", + "spec": "6fd47516036e85d785a2ea8d30c591db", + "manifest": "a45dc38d1b8ee7daff97d845e5c9edc0", + "setup": "8d5d6e9c093995e2ac8a19b867f7eeb2", "schemas": [ { "identifier": "add_address_to_group/schema.py", diff --git a/plugins/cisco_firepower_management_center/Dockerfile b/plugins/cisco_firepower_management_center/Dockerfile index b6d34c16ed..2f86604289 100755 --- a/plugins/cisco_firepower_management_center/Dockerfile +++ b/plugins/cisco_firepower_management_center/Dockerfile @@ -1,4 +1,4 @@ -FROM --platform=linux/amd64 rapid7/insightconnect-python-3-slim-plugin:6.1.2 +FROM --platform=linux/amd64 rapid7/insightconnect-python-3-slim-plugin:6.2.4 LABEL organization=rapid7 LABEL sdk=python @@ -12,7 +12,7 @@ RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; fi ADD . /python/src -RUN python setup.py build && python setup.py install +RUN pip install . # User to run plugin code. The two supported users are: root, nobody USER root diff --git a/plugins/cisco_firepower_management_center/bin/icon_cisco_firepower_management_center b/plugins/cisco_firepower_management_center/bin/icon_cisco_firepower_management_center index d4ae90ff0e..39a772dbc4 100755 --- a/plugins/cisco_firepower_management_center/bin/icon_cisco_firepower_management_center +++ b/plugins/cisco_firepower_management_center/bin/icon_cisco_firepower_management_center @@ -6,8 +6,8 @@ from sys import argv Name = "Cisco Firepower Management Center" Vendor = "rapid7" -Version = "2.1.3" -Description = "This plugin utilizes Cisco Firepower Management Center to create URL block policies and manage address objects to block hosts" +Version = "2.1.4" +Description = "[Cisco Firepower Management Center](https://www.cisco.com/c/en/us/products/security/firepower-management-center/index.html) is your administrative nerve center for managing critical Cisco network security solutions.The Cisco Firepower Management Center InsightConnect plugin allows you to block URLs and hosts. Firewall best practices for blocking and unblocking hosts is to add and remove address objects from a group attached to an existing firewall policy such as a deny-all rule.In this example, adding an address object to a group attached to a deny-all rule will block the host, and removing the address object from the same group would unblock the host. Automating firewall blocking can be accomplished using the address object management actions in this plugin" def main(): diff --git a/plugins/cisco_firepower_management_center/help.md b/plugins/cisco_firepower_management_center/help.md index b2b17b904e..82bd0d5a37 100644 --- a/plugins/cisco_firepower_management_center/help.md +++ b/plugins/cisco_firepower_management_center/help.md @@ -2,7 +2,7 @@ [Cisco Firepower Management Center](https://www.cisco.com/c/en/us/products/security/firepower-management-center/index.html) is your administrative nerve center for managing critical Cisco network security solutions. The Cisco Firepower Management Center InsightConnect plugin allows you to block URLs and hosts. Firewall best practices for blocking and unblocking hosts is to add and remove address objects from a group attached to an existing firewall policy such as a deny-all rule. -In this example, adding an address object to a group attached to a deny-all rule will block the host, and removing the address object from the same group would unblock the host. Automating firewall blocking can be accomplished using the address object management actions in this plugin. +In this example, adding an address object to a group attached to a deny-all rule will block the host, and removing the address object from the same group would unblock the host. Automating firewall blocking can be accomplished using the address object management actions in this plugin # Key Features @@ -707,10 +707,11 @@ Example output: ## Troubleshooting -The certificate authentication is used solely in two actions, namely: `Add Scan Result` and `Bulk Add Scan Result`. Please remember, that the data entered into the certificate input field in the connection is required to be a base-64 encoded PKCS12 certificate file, exported from the Firepower Management Center server. The passphrase is a password created during the PKCS12 certificate file export.`SSL Verify` field is used by all other actions (i.e. excluding `Add Scan Result` and `Bulk Add Scan Result`), for SSL certificate verification. If the certificate is self-signed then SSL Verify should be set to `False` for those actions. +* The certificate authentication is used solely in two actions, namely: `Add Scan Result` and `Bulk Add Scan Result`. Please remember, that the data entered into the certificate input field in the connection is required to be a base-64 encoded PKCS12 certificate file, exported from the Firepower Management Center server. The passphrase is a password created during the PKCS12 certificate file export.`SSL Verify` field is used by all other actions (i.e. excluding `Add Scan Result` and `Bulk Add Scan Result`), for SSL certificate verification. If the certificate is self-signed then SSL Verify should be set to `False` for those actions. # Version History +* 2.1.4 - Bumped 'cryptography' package to latest version | SDK Bump to 6.2.4 * 2.1.3 - Bumped 'cryptography' | SDK Bump to 6.1.2 * 2.1.2 - `Block URL Policy` - Refactor the action to use local API calls | Remove vulnerable dependencies * 2.1.1 - Updated to latest SDK version | Fixed issue related to pagination diff --git a/plugins/cisco_firepower_management_center/plugin.spec.yaml b/plugins/cisco_firepower_management_center/plugin.spec.yaml index 699f9d188d..ef735a2b6a 100644 --- a/plugins/cisco_firepower_management_center/plugin.spec.yaml +++ b/plugins/cisco_firepower_management_center/plugin.spec.yaml @@ -6,13 +6,13 @@ title: Cisco Firepower Management Center vendor: rapid7 support: community status: [] -description: This plugin utilizes Cisco Firepower Management Center to create URL block policies and manage address objects to block hosts -version: 2.1.3 +description: "[Cisco Firepower Management Center](https://www.cisco.com/c/en/us/products/security/firepower-management-center/index.html) is your administrative nerve center for managing critical Cisco network security solutions.\nThe Cisco Firepower Management Center InsightConnect plugin allows you to block URLs and hosts. Firewall best practices for blocking and unblocking hosts is to add and remove address objects from a group attached to an existing firewall policy such as a deny-all rule.\nIn this example, adding an address object to a group attached to a deny-all rule will block the host, and removing the address object from the same group would unblock the host. Automating firewall blocking can be accomplished using the address object management actions in this plugin" +version: 2.1.4 connection_version: 2 supported_versions: ["6.6.0"] sdk: type: slim - version: 6.1.2 + version: 6.2.4 user: root resources: source_url: https://github.com/rapid7/insightconnect-plugins/tree/master/plugins/cisco_firepower_management_center @@ -29,12 +29,14 @@ key_features: requirements: - "Cisco Firepower Management Center server name" - "Cisco Firepower Management Center username and password" -troubleshooting: "The certificate authentication is used solely in two actions, namely: `Add Scan Result` and `Bulk Add Scan Result`. Please remember, that the data entered into the certificate input field in the connection is required to be a base-64 encoded PKCS12 certificate file, exported from the Firepower Management Center server. The passphrase is a password created during the PKCS12 certificate file export.`SSL Verify` field is used by all other actions (i.e. excluding `Add Scan Result` and `Bulk Add Scan Result`), for SSL certificate verification. If the certificate is self-signed then SSL Verify should be set to `False` for those actions." +troubleshooting: +- "The certificate authentication is used solely in two actions, namely: `Add Scan Result` and `Bulk Add Scan Result`. Please remember, that the data entered into the certificate input field in the connection is required to be a base-64 encoded PKCS12 certificate file, exported from the Firepower Management Center server. The passphrase is a password created during the PKCS12 certificate file export.`SSL Verify` field is used by all other actions (i.e. excluding `Add Scan Result` and `Bulk Add Scan Result`), for SSL certificate verification. If the certificate is self-signed then SSL Verify should be set to `False` for those actions." links: - "[Cisco Firepower Management Center](https://www.cisco.com/c/en/us/products/security/firepower-management-center/index.html)" references: - "[Cisco Firepower Management Center](https://www.cisco.com/c/en/us/products/security/firepower-management-center/index.html)" version_history: +- "2.1.4 - Bumped 'cryptography' package to latest version | SDK Bump to 6.2.4" - "2.1.3 - Bumped 'cryptography' | SDK Bump to 6.1.2" - "2.1.2 - `Block URL Policy` - Refactor the action to use local API calls | Remove vulnerable dependencies" - "2.1.1 - Updated to latest SDK version | Fixed issue related to pagination" diff --git a/plugins/cisco_firepower_management_center/requirements.txt b/plugins/cisco_firepower_management_center/requirements.txt index 9e6ec7c36e..570276d182 100755 --- a/plugins/cisco_firepower_management_center/requirements.txt +++ b/plugins/cisco_firepower_management_center/requirements.txt @@ -3,4 +3,4 @@ # See: https://pip.pypa.io/en/stable/user_guide/#requirements-files validators==0.22.0 parameterized==0.9.0 -cryptography==43.0.1 \ No newline at end of file +cryptography==44.0.1 diff --git a/plugins/cisco_firepower_management_center/setup.py b/plugins/cisco_firepower_management_center/setup.py index 938e8a1de3..6d86a6f088 100755 --- a/plugins/cisco_firepower_management_center/setup.py +++ b/plugins/cisco_firepower_management_center/setup.py @@ -3,8 +3,8 @@ setup(name="cisco_firepower_management_center-rapid7-plugin", - version="2.1.3", - description="This plugin utilizes Cisco Firepower Management Center to create URL block policies and manage address objects to block hosts", + version="2.1.4", + description="[Cisco Firepower Management Center](https://www.cisco.com/c/en/us/products/security/firepower-management-center/index.html) is your administrative nerve center for managing critical Cisco network security solutions.The Cisco Firepower Management Center InsightConnect plugin allows you to block URLs and hosts. Firewall best practices for blocking and unblocking hosts is to add and remove address objects from a group attached to an existing firewall policy such as a deny-all rule.In this example, adding an address object to a group attached to a deny-all rule will block the host, and removing the address object from the same group would unblock the host. Automating firewall blocking can be accomplished using the address object management actions in this plugin", author="rapid7", author_email="", url="",