'MarkableText' object has no attribute 'reference'

[stmtstk]

Hi All,

I tried to elevate a STIX 1.2 file which contains blocks. However, an error occurred.

 vulnerability_instance["external_references"].append({"source_name": "internet_resource", "url": ref.reference})
AttributeError: 'MarkableText' object has no attribute 'reference'

It seems that the reference value in the STIX file is not appropriate. The STIX file contains the reference value as below.

<et:References>
  <stixCommon:Reference>SOURCE: cve - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4878</stixCommon:Reference>
</et:References>

I would like to know the format of this reference value is a correct format or not. If the format is correct, we would like to fix it to convert this value.

[rpiazza]

Hi @stmtstk,

Several issues here. First there is a bug in the elevator - the code should be:

vulnerability_instance["external_references"].append({"source_name": "internet_resource", "url": ref})

I will include a fix to this in the next release, which is due soon.

A minor point - the STIX 1.2 spec says that the value of tag should be "any uri".

The elevator will not check for this during conversion, but since it calls the stix2 validator on the converted content, you will get an error.

[stmtstk]

Hi @rpiazza

Thank you for your kind reply. I am looking forward to the next release and I am going to check the stixCommon:Reference value in my STIX 1.2.

[stmtstk]

I checked how to generate this STIX 1.2 and found that this STIX 1.2 was generated from STIX 2.1 by using stix-slider. If STIX 2.1 contains an "external_references" in a vulnerability object, stix-slider generates a "NOT" anyURI format string" in a stixCommon:Reference block. I guess this conversion is invalid, and therefore I raised an issue in a stix-slider repository.

[rpiazza]

fix in release 2.2