= get-cwe(1)
Tioben Neenot
v1.0.0
:doctype: manpage
:manmanual: GET-CWE
:mansource: GET-CWE
:man-linkstyle: pass:[blue R < >]

== Name

*get-cwe* - Explore the CWE according to the given id.

== Usage

*get-cwe* [options]

== Options

*--check*:: Controls if the related cwe database is valid or not.
If the result is not valid, it will be necessary to create the cwe database with the `mitre-download` command.

*--refresh*:: Refresh the content of the CWE database from last mitre publication.

*--id CWE-<num>*:: Search the CWE id based on the format: `CWE-<num>` where `<num>`
is the awaiting CWE id.
Shows the list of CWE's id and its name.

With these options, other complementary options can be added to get more details information about the CWE required.
These options are describing below.

*--all*:: Show all CWE data.

*--cons*:: Shows only the CWE consequences.
Consequences list all available scope and impact of the CWE.

*--desc*:: Shows the description of the CWE.

*--detect*:: Shows the recommended detection for this CWE.
The detections show the list of recommanded methods with their descriptions and the estimated effectiveness.

*--ext*:: Shows the extended description of the CWE.

*--mitigation*:: Shows the mitigation section for this CWE.

== Notes

This command is interesting to be used with the `hey-nvd` command.
See the help for this command for CWE-ID consulting for a given CVE.

== Examples

Standard CWE consultation:

    # get-cwe --id CWE-91
    Id: CWE-91.
     L Name: XML Injection (aka Blind XPath Injection)

Shows the description associated with this CWE:

    # get-cwe --id cwe-91 --desc
     Id: CWE-91.
      L Name: XML Injection (aka Blind XPath Injection)
       L Description: The product does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system.

List of consequences for this CWE:

    # get-cwe --id cwe-91 --cons
    Id: CWE-91.
     L Name: XML Injection (aka Blind XPath Injection)
       L Consequences
        L SCOPE
            - Confidentiality
            - Integrity
            - Availability
        L IMPACT
            - Execute Unauthorized Code or Commands
            - Read Application Data
            - Modify Application Data

== Exit

*0*::
Exit with success

*1*::
An error was occurred.

== Copying

Copyright (C) 2024 Tioben Neenot Free use of this software is granted under the terms of the MIT License.

== See also

get-cve(1), get-capec(1), hey-nvd(1)