Merge branch 'master' of https://github.com/Checkmarx/kics into AST-4…

…5283-dockerCompose
Checkmarx · Sep 20, 2024 · ac3c736 · ac3c736
2 parents 712492e + 21234ad
commit ac3c736
Show file tree

Hide file tree

Showing 132 changed files with 83 additions and 78 deletions.
diff --git a/README.md b/README.md
@@ -262,7 +262,7 @@ KICS is used by various companies and organizations, some are listed below. If y
 -   [Firefly](https://www.firefly.ai/) ([Firefly Integrates With Checkmarx's KICS](https://www.firefly.ai/blog/firefly-integrates-with-checkmarxs-kics-to-enable-seamless-cloud-governance-from-code-to-cloud))
 -   [Redpanda](https://redpanda.com/)
 -   [Keptn](https://github.com/keptn) / [Keptn Lifecycle Toolkit](https://keptn.sh)
-
+ 
 **Keeping Infrastructure as Code Secure!**
 
 ---

diff --git a/assets/queries/azureResourceManager/account_admins_not_notified_by_email/metadata.json b/assets/queries/azureResourceManager/account_admins_not_notified_by_email/metadata.json
@@ -8,5 +8,5 @@
   "platform": "AzureResourceManager",
   "descriptionID": "f7c29c0d",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "778"
 }
diff --git a/assets/queries/azureResourceManager/aks_cluster_network_policy_not_configured/metadata.json b/assets/queries/azureResourceManager/aks_cluster_network_policy_not_configured/metadata.json
@@ -8,5 +8,5 @@
   "platform": "AzureResourceManager",
   "descriptionID": "25c0df8e",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "284"
 }
diff --git a/assets/queries/azureResourceManager/aks_cluster_rbac_disabled/metadata.json b/assets/queries/azureResourceManager/aks_cluster_rbac_disabled/metadata.json
@@ -8,6 +8,6 @@
   "platform": "AzureResourceManager",
   "descriptionID": "b07ac0d6",
   "cloudProvider": "azure",
-  "cwe": "",
+  "cwe": "287",
   "oldSeverity": "MEDIUM"
 }
diff --git a/assets/queries/azureResourceManager/aks_dashboard_enabled/metadata.json b/assets/queries/azureResourceManager/aks_dashboard_enabled/metadata.json
@@ -8,5 +8,5 @@
   "platform": "AzureResourceManager",
   "descriptionID": "c12d3b42",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "200"
 }
diff --git a/assets/queries/azureResourceManager/aks_logging_azure_monitoring_disabled/metadata.json b/assets/queries/azureResourceManager/aks_logging_azure_monitoring_disabled/metadata.json
@@ -8,5 +8,5 @@
   "platform": "AzureResourceManager",
   "descriptionID": "9b09c3e1",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "778"
 }
diff --git a/assets/queries/azureResourceManager/aks_with_authorized_ip_ranges_disabled/metadata.json b/assets/queries/azureResourceManager/aks_with_authorized_ip_ranges_disabled/metadata.json
@@ -8,6 +8,6 @@
   "platform": "AzureResourceManager",
   "descriptionID": "258efab1",
   "cloudProvider": "azure",
-  "cwe": "",
+  "cwe": "284",
   "oldSeverity": "MEDIUM"
 }
diff --git a/assets/queries/azureResourceManager/app_service_authentication_not_set/metadata.json b/assets/queries/azureResourceManager/app_service_authentication_not_set/metadata.json
@@ -8,6 +8,6 @@
   "platform": "AzureResourceManager",
   "descriptionID": "831efa07",
   "cloudProvider": "azure",
-  "cwe": "",
+  "cwe": "778",
   "oldSeverity": "INFO"
 }
diff --git a/assets/queries/azureResourceManager/azure_instance_using_basic_authentication/metadata.json b/assets/queries/azureResourceManager/azure_instance_using_basic_authentication/metadata.json
@@ -8,6 +8,6 @@
   "platform": "AzureResourceManager",
   "descriptionID": "98ba05ca",
   "cloudProvider": "azure",
-  "cwe": "",
+  "cwe": "522",
   "oldSeverity": "HIGH"
 }
diff --git a/assets/queries/azureResourceManager/azure_managed_disk_without_encryption/metadata.json b/assets/queries/azureResourceManager/azure_managed_disk_without_encryption/metadata.json
@@ -8,5 +8,5 @@
   "platform": "AzureResourceManager",
   "descriptionID": "e2fa6cda",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "311"
 }
diff --git a/...ourceManager/default_azure_storage_account_network_access_is_too_permissive/metadata.json b/...ourceManager/default_azure_storage_account_network_access_is_too_permissive/metadata.json
@@ -8,6 +8,6 @@
   "platform": "AzureResourceManager",
   "descriptionID": "d855ced8",
   "cloudProvider": "azure",
-  "cwe": "",
+  "cwe": "284",
   "oldSeverity": "MEDIUM"
 }
diff --git a/assets/queries/azureResourceManager/email_notifications_set_off/metadata.json b/assets/queries/azureResourceManager/email_notifications_set_off/metadata.json
@@ -9,5 +9,5 @@
   "descriptionID": "7f5b9ef4",
   "aggregation": 2,
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "778"
 }
diff --git a/...queries/azureResourceManager/hardcoded_securestring_parameter_default_value/metadata.json b/...queries/azureResourceManager/hardcoded_securestring_parameter_default_value/metadata.json
@@ -8,6 +8,6 @@
   "platform": "AzureResourceManager",
   "descriptionID": "a7bb7cb1",
   "cloudProvider": "azure",
-  "cwe": "",
+  "cwe": "798",
   "oldSeverity": "MEDIUM"
 }
diff --git a/assets/queries/azureResourceManager/key_vault_not_recoverable/metadata.json b/assets/queries/azureResourceManager/key_vault_not_recoverable/metadata.json
@@ -8,5 +8,5 @@
   "platform": "AzureResourceManager",
   "descriptionID": "8e3ca202",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "530"
 }
diff --git a/assets/queries/azureResourceManager/log_profile_incorrect_category/metadata.json b/assets/queries/azureResourceManager/log_profile_incorrect_category/metadata.json
@@ -8,6 +8,6 @@
   "platform": "AzureResourceManager",
   "descriptionID": "ead4e0f2",
   "cloudProvider": "azure",
-  "cwe": "",
+  "cwe": "778",
   "oldSeverity": "MEDIUM"
 }
diff --git a/assets/queries/azureResourceManager/mysql_server_ssl_enforcement_disabled/metadata.json b/assets/queries/azureResourceManager/mysql_server_ssl_enforcement_disabled/metadata.json
@@ -8,6 +8,6 @@
   "platform": "AzureResourceManager",
   "descriptionID": "69fea5b1",
   "cloudProvider": "azure",
-  "cwe": "",
+  "cwe": "319",
   "oldSeverity": "HIGH"
 }
diff --git a/...azureResourceManager/network_security_group_with_unrestricted_access_to_rdp/metadata.json b/...azureResourceManager/network_security_group_with_unrestricted_access_to_rdp/metadata.json
@@ -8,5 +8,5 @@
   "platform": "AzureResourceManager",
   "descriptionID": "e09bde32",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "284"
 }
diff --git a/...azureResourceManager/network_security_group_with_unrestricted_access_to_ssh/metadata.json b/...azureResourceManager/network_security_group_with_unrestricted_access_to_ssh/metadata.json
@@ -8,6 +8,6 @@
   "platform": "AzureResourceManager",
   "descriptionID": "97b6233c",
   "cloudProvider": "azure",
-  "cwe": "",
+  "cwe": "284",
   "oldSeverity": "HIGH"
 }
diff --git a/assets/queries/azureResourceManager/phone_number_not_set_security_contacts/metadata.json b/assets/queries/azureResourceManager/phone_number_not_set_security_contacts/metadata.json
@@ -8,5 +8,5 @@
   "platform": "AzureResourceManager",
   "descriptionID": "8b9ef792",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "778"
 }
diff --git a/...nection_throttling_disabled/metadata.json → ...nection_throttling_disabled/metadata.json b/...nection_throttling_disabled/metadata.json → ...nection_throttling_disabled/metadata.json
@@ -1,12 +1,12 @@
 {
   "id": "a6d774b6-d9ea-4bf4-8433-217bf15d2fb8",
-  "queryName": "PostgresSQL Database Server Connection Throttling Disabled",
+  "queryName": "PostgreSQL Database Server Connection Throttling Disabled",
   "severity": "MEDIUM",
   "category": "Networking and Firewall",
   "descriptionText": "Microsoft.DBforPostgreSQL/servers/configurations should have 'connection_throttling' property set to 'on'",
   "descriptionUrl": "https://docs.microsoft.com/en-us/azure/templates/microsoft.dbforpostgresql/servers/configurations?tabs=json",
   "platform": "AzureResourceManager",
   "descriptionID": "2eb0e3a8",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "770"
 }
diff --git a/...connection_throttling_disabled/query.rego → ...connection_throttling_disabled/query.rego b/...connection_throttling_disabled/query.rego → ...connection_throttling_disabled/query.rego
diff --git a/..._throttling_disabled/test/negative1.bicep → ..._throttling_disabled/test/negative1.bicep b/..._throttling_disabled/test/negative1.bicep → ..._throttling_disabled/test/negative1.bicep
diff --git a/...n_throttling_disabled/test/negative1.json → ...n_throttling_disabled/test/negative1.json b/...n_throttling_disabled/test/negative1.json → ...n_throttling_disabled/test/negative1.json
diff --git a/..._throttling_disabled/test/negative2.bicep → ..._throttling_disabled/test/negative2.bicep b/..._throttling_disabled/test/negative2.bicep → ..._throttling_disabled/test/negative2.bicep
diff --git a/...n_throttling_disabled/test/negative2.json → ...n_throttling_disabled/test/negative2.json b/...n_throttling_disabled/test/negative2.json → ...n_throttling_disabled/test/negative2.json
diff --git a/..._throttling_disabled/test/negative3.bicep → ..._throttling_disabled/test/negative3.bicep b/..._throttling_disabled/test/negative3.bicep → ..._throttling_disabled/test/negative3.bicep
diff --git a/...n_throttling_disabled/test/negative3.json → ...n_throttling_disabled/test/negative3.json b/...n_throttling_disabled/test/negative3.json → ...n_throttling_disabled/test/negative3.json
diff --git a/..._throttling_disabled/test/negative4.bicep → ..._throttling_disabled/test/negative4.bicep b/..._throttling_disabled/test/negative4.bicep → ..._throttling_disabled/test/negative4.bicep
diff --git a/...n_throttling_disabled/test/negative4.json → ...n_throttling_disabled/test/negative4.json b/...n_throttling_disabled/test/negative4.json → ...n_throttling_disabled/test/negative4.json
diff --git a/..._throttling_disabled/test/positive1.bicep → ..._throttling_disabled/test/positive1.bicep b/..._throttling_disabled/test/positive1.bicep → ..._throttling_disabled/test/positive1.bicep
diff --git a/...n_throttling_disabled/test/positive1.json → ...n_throttling_disabled/test/positive1.json b/...n_throttling_disabled/test/positive1.json → ...n_throttling_disabled/test/positive1.json
diff --git a/..._throttling_disabled/test/positive2.bicep → ..._throttling_disabled/test/positive2.bicep b/..._throttling_disabled/test/positive2.bicep → ..._throttling_disabled/test/positive2.bicep
diff --git a/...n_throttling_disabled/test/positive2.json → ...n_throttling_disabled/test/positive2.json b/...n_throttling_disabled/test/positive2.json → ...n_throttling_disabled/test/positive2.json
diff --git a/..._throttling_disabled/test/positive3.bicep → ..._throttling_disabled/test/positive3.bicep b/..._throttling_disabled/test/positive3.bicep → ..._throttling_disabled/test/positive3.bicep
diff --git a/...n_throttling_disabled/test/positive3.json → ...n_throttling_disabled/test/positive3.json b/...n_throttling_disabled/test/positive3.json → ...n_throttling_disabled/test/positive3.json
diff --git a/..._throttling_disabled/test/positive4.bicep → ..._throttling_disabled/test/positive4.bicep b/..._throttling_disabled/test/positive4.bicep → ..._throttling_disabled/test/positive4.bicep
diff --git a/...n_throttling_disabled/test/positive4.json → ...n_throttling_disabled/test/positive4.json b/...n_throttling_disabled/test/positive4.json → ...n_throttling_disabled/test/positive4.json
diff --git a/..._throttling_disabled/test/positive5.bicep → ..._throttling_disabled/test/positive5.bicep b/..._throttling_disabled/test/positive5.bicep → ..._throttling_disabled/test/positive5.bicep
diff --git a/...n_throttling_disabled/test/positive5.json → ...n_throttling_disabled/test/positive5.json b/...n_throttling_disabled/test/positive5.json → ...n_throttling_disabled/test/positive5.json
diff --git a/..._throttling_disabled/test/positive6.bicep → ..._throttling_disabled/test/positive6.bicep b/..._throttling_disabled/test/positive6.bicep → ..._throttling_disabled/test/positive6.bicep
diff --git a/...n_throttling_disabled/test/positive6.json → ...n_throttling_disabled/test/positive6.json b/...n_throttling_disabled/test/positive6.json → ...n_throttling_disabled/test/positive6.json
diff --git a/...sabled/test/positive_expected_result.json → ...sabled/test/positive_expected_result.json b/...sabled/test/positive_expected_result.json → ...sabled/test/positive_expected_result.json
@@ -1,72 +1,72 @@
 [
   {
-    "queryName": "PostgresSQL Database Server Connection Throttling Disabled",
+    "queryName": "PostgreSQL Database Server Connection Throttling Disabled",
     "severity": "MEDIUM",
     "line": 45,
     "fileName": "positive1.json"
   },
   {
-    "queryName": "PostgresSQL Database Server Connection Throttling Disabled",
+    "queryName": "PostgreSQL Database Server Connection Throttling Disabled",
     "severity": "MEDIUM",
     "line": 9,
     "fileName": "positive2.json"
   },
   {
-    "queryName": "PostgresSQL Database Server Connection Throttling Disabled",
+    "queryName": "PostgreSQL Database Server Connection Throttling Disabled",
     "severity": "MEDIUM",
     "line": 9,
     "fileName": "positive3.json"
   },
   {
-    "queryName": "PostgresSQL Database Server Connection Throttling Disabled",
+    "queryName": "PostgreSQL Database Server Connection Throttling Disabled",
     "severity": "MEDIUM",
     "line": 47,
     "fileName": "positive4.json"
   },
   {
-    "queryName": "PostgresSQL Database Server Connection Throttling Disabled",
+    "queryName": "PostgreSQL Database Server Connection Throttling Disabled",
     "severity": "MEDIUM",
     "line": 11,
     "fileName": "positive5.json"
   },
   {
-    "queryName": "PostgresSQL Database Server Connection Throttling Disabled",
+    "queryName": "PostgreSQL Database Server Connection Throttling Disabled",
     "severity": "MEDIUM",
     "line": 11,
     "fileName": "positive6.json"
   },
   {
-    "queryName": "PostgresSQL Database Server Connection Throttling Disabled",
+    "queryName": "PostgreSQL Database Server Connection Throttling Disabled",
     "severity": "MEDIUM",
     "line": 36,
     "fileName": "positive1.bicep"
   },
   {
-    "queryName": "PostgresSQL Database Server Connection Throttling Disabled",
+    "queryName": "PostgreSQL Database Server Connection Throttling Disabled",
     "severity": "MEDIUM",
     "line": 2,
     "fileName": "positive2.bicep"
   },
   {
-    "queryName": "PostgresSQL Database Server Connection Throttling Disabled",
+    "queryName": "PostgreSQL Database Server Connection Throttling Disabled",
     "severity": "MEDIUM",
     "line": 2,
     "fileName": "positive3.bicep"
   },
   {
-    "queryName": "PostgresSQL Database Server Connection Throttling Disabled",
+    "queryName": "PostgreSQL Database Server Connection Throttling Disabled",
     "severity": "MEDIUM",
     "line": 36,
     "fileName": "positive4.bicep"
   },
   {
-    "queryName": "PostgresSQL Database Server Connection Throttling Disabled",
+    "queryName": "PostgreSQL Database Server Connection Throttling Disabled",
     "severity": "MEDIUM",
     "line": 2,
     "fileName": "positive5.bicep"
   },
   {
-    "queryName": "PostgresSQL Database Server Connection Throttling Disabled",
+    "queryName": "PostgreSQL Database Server Connection Throttling Disabled",
     "severity": "MEDIUM",
     "line": 2,
     "fileName": "positive6.bicep"

diff --git a/...ver_log_checkpoint_disabled/metadata.json → ...ver_log_checkpoint_disabled/metadata.json b/...ver_log_checkpoint_disabled/metadata.json → ...ver_log_checkpoint_disabled/metadata.json
@@ -8,5 +8,5 @@
   "platform": "AzureResourceManager",
   "descriptionID": "be873a2e",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "778"
 }
diff --git a/...server_log_checkpoint_disabled/query.rego → ...server_log_checkpoint_disabled/query.rego b/...server_log_checkpoint_disabled/query.rego → ...server_log_checkpoint_disabled/query.rego
diff --git a/..._checkpoint_disabled/test/negative1.bicep → ..._checkpoint_disabled/test/negative1.bicep b/..._checkpoint_disabled/test/negative1.bicep → ..._checkpoint_disabled/test/negative1.bicep
diff --git a/...g_checkpoint_disabled/test/negative1.json → ...g_checkpoint_disabled/test/negative1.json b/...g_checkpoint_disabled/test/negative1.json → ...g_checkpoint_disabled/test/negative1.json
diff --git a/..._checkpoint_disabled/test/negative2.bicep → ..._checkpoint_disabled/test/negative2.bicep b/..._checkpoint_disabled/test/negative2.bicep → ..._checkpoint_disabled/test/negative2.bicep
diff --git a/...g_checkpoint_disabled/test/negative2.json → ...g_checkpoint_disabled/test/negative2.json b/...g_checkpoint_disabled/test/negative2.json → ...g_checkpoint_disabled/test/negative2.json
diff --git a/..._checkpoint_disabled/test/positive1.bicep → ..._checkpoint_disabled/test/positive1.bicep b/..._checkpoint_disabled/test/positive1.bicep → ..._checkpoint_disabled/test/positive1.bicep
diff --git a/...g_checkpoint_disabled/test/positive1.json → ...g_checkpoint_disabled/test/positive1.json b/...g_checkpoint_disabled/test/positive1.json → ...g_checkpoint_disabled/test/positive1.json
diff --git a/..._checkpoint_disabled/test/positive2.bicep → ..._checkpoint_disabled/test/positive2.bicep b/..._checkpoint_disabled/test/positive2.bicep → ..._checkpoint_disabled/test/positive2.bicep
diff --git a/...g_checkpoint_disabled/test/positive2.json → ...g_checkpoint_disabled/test/positive2.json b/...g_checkpoint_disabled/test/positive2.json → ...g_checkpoint_disabled/test/positive2.json
diff --git a/..._checkpoint_disabled/test/positive3.bicep → ..._checkpoint_disabled/test/positive3.bicep b/..._checkpoint_disabled/test/positive3.bicep → ..._checkpoint_disabled/test/positive3.bicep
diff --git a/...g_checkpoint_disabled/test/positive3.json → ...g_checkpoint_disabled/test/positive3.json b/...g_checkpoint_disabled/test/positive3.json → ...g_checkpoint_disabled/test/positive3.json
diff --git a/..._checkpoint_disabled/test/positive4.bicep → ..._checkpoint_disabled/test/positive4.bicep b/..._checkpoint_disabled/test/positive4.bicep → ..._checkpoint_disabled/test/positive4.bicep
diff --git a/...g_checkpoint_disabled/test/positive4.json → ...g_checkpoint_disabled/test/positive4.json b/...g_checkpoint_disabled/test/positive4.json → ...g_checkpoint_disabled/test/positive4.json
diff --git a/..._checkpoint_disabled/test/positive5.bicep → ..._checkpoint_disabled/test/positive5.bicep b/..._checkpoint_disabled/test/positive5.bicep → ..._checkpoint_disabled/test/positive5.bicep
diff --git a/...g_checkpoint_disabled/test/positive5.json → ...g_checkpoint_disabled/test/positive5.json b/...g_checkpoint_disabled/test/positive5.json → ...g_checkpoint_disabled/test/positive5.json
diff --git a/..._checkpoint_disabled/test/positive6.bicep → ..._checkpoint_disabled/test/positive6.bicep b/..._checkpoint_disabled/test/positive6.bicep → ..._checkpoint_disabled/test/positive6.bicep
diff --git a/...g_checkpoint_disabled/test/positive6.json → ...g_checkpoint_disabled/test/positive6.json b/...g_checkpoint_disabled/test/positive6.json → ...g_checkpoint_disabled/test/positive6.json
diff --git a/..._checkpoint_disabled/test/positive7.bicep → ..._checkpoint_disabled/test/positive7.bicep b/..._checkpoint_disabled/test/positive7.bicep → ..._checkpoint_disabled/test/positive7.bicep
diff --git a/...g_checkpoint_disabled/test/positive7.json → ...g_checkpoint_disabled/test/positive7.json b/...g_checkpoint_disabled/test/positive7.json → ...g_checkpoint_disabled/test/positive7.json
diff --git a/..._checkpoint_disabled/test/positive8.bicep → ..._checkpoint_disabled/test/positive8.bicep b/..._checkpoint_disabled/test/positive8.bicep → ..._checkpoint_disabled/test/positive8.bicep
diff --git a/...g_checkpoint_disabled/test/positive8.json → ...g_checkpoint_disabled/test/positive8.json b/...g_checkpoint_disabled/test/positive8.json → ...g_checkpoint_disabled/test/positive8.json
diff --git a/...sabled/test/positive_expected_result.json → ...sabled/test/positive_expected_result.json b/...sabled/test/positive_expected_result.json → ...sabled/test/positive_expected_result.json
diff --git a/...er_log_connections_disabled/metadata.json → ...er_log_connections_disabled/metadata.json b/...er_log_connections_disabled/metadata.json → ...er_log_connections_disabled/metadata.json
@@ -8,5 +8,5 @@
   "platform": "AzureResourceManager",
   "descriptionID": "3769181b",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "778"
 }
diff --git a/...erver_log_connections_disabled/query.rego → ...erver_log_connections_disabled/query.rego b/...erver_log_connections_disabled/query.rego → ...erver_log_connections_disabled/query.rego
diff --git a/...connections_disabled/test/negative1.bicep → ...connections_disabled/test/negative1.bicep b/...connections_disabled/test/negative1.bicep → ...connections_disabled/test/negative1.bicep
diff --git a/..._connections_disabled/test/negative1.json → ..._connections_disabled/test/negative1.json b/..._connections_disabled/test/negative1.json → ..._connections_disabled/test/negative1.json
diff --git a/...connections_disabled/test/negative2.bicep → ...connections_disabled/test/negative2.bicep b/...connections_disabled/test/negative2.bicep → ...connections_disabled/test/negative2.bicep
diff --git a/..._connections_disabled/test/negative2.json → ..._connections_disabled/test/negative2.json b/..._connections_disabled/test/negative2.json → ..._connections_disabled/test/negative2.json
diff --git a/...connections_disabled/test/negative3.bicep → ...connections_disabled/test/negative3.bicep b/...connections_disabled/test/negative3.bicep → ...connections_disabled/test/negative3.bicep
diff --git a/..._connections_disabled/test/negative3.json → ..._connections_disabled/test/negative3.json b/..._connections_disabled/test/negative3.json → ..._connections_disabled/test/negative3.json
diff --git a/...connections_disabled/test/negative4.bicep → ...connections_disabled/test/negative4.bicep b/...connections_disabled/test/negative4.bicep → ...connections_disabled/test/negative4.bicep
diff --git a/..._connections_disabled/test/negative4.json → ..._connections_disabled/test/negative4.json b/..._connections_disabled/test/negative4.json → ..._connections_disabled/test/negative4.json
diff --git a/...connections_disabled/test/positive1.bicep → ...connections_disabled/test/positive1.bicep b/...connections_disabled/test/positive1.bicep → ...connections_disabled/test/positive1.bicep
diff --git a/..._connections_disabled/test/positive1.json → ..._connections_disabled/test/positive1.json b/..._connections_disabled/test/positive1.json → ..._connections_disabled/test/positive1.json
diff --git a/...connections_disabled/test/positive2.bicep → ...connections_disabled/test/positive2.bicep b/...connections_disabled/test/positive2.bicep → ...connections_disabled/test/positive2.bicep
diff --git a/..._connections_disabled/test/positive2.json → ..._connections_disabled/test/positive2.json b/..._connections_disabled/test/positive2.json → ..._connections_disabled/test/positive2.json
diff --git a/...connections_disabled/test/positive3.bicep → ...connections_disabled/test/positive3.bicep b/...connections_disabled/test/positive3.bicep → ...connections_disabled/test/positive3.bicep
diff --git a/..._connections_disabled/test/positive3.json → ..._connections_disabled/test/positive3.json b/..._connections_disabled/test/positive3.json → ..._connections_disabled/test/positive3.json
diff --git a/...connections_disabled/test/positive4.bicep → ...connections_disabled/test/positive4.bicep b/...connections_disabled/test/positive4.bicep → ...connections_disabled/test/positive4.bicep
diff --git a/..._connections_disabled/test/positive4.json → ..._connections_disabled/test/positive4.json b/..._connections_disabled/test/positive4.json → ..._connections_disabled/test/positive4.json
diff --git a/...connections_disabled/test/positive5.bicep → ...connections_disabled/test/positive5.bicep b/...connections_disabled/test/positive5.bicep → ...connections_disabled/test/positive5.bicep
diff --git a/..._connections_disabled/test/positive5.json → ..._connections_disabled/test/positive5.json b/..._connections_disabled/test/positive5.json → ..._connections_disabled/test/positive5.json
diff --git a/...connections_disabled/test/positive6.bicep → ...connections_disabled/test/positive6.bicep b/...connections_disabled/test/positive6.bicep → ...connections_disabled/test/positive6.bicep
diff --git a/..._connections_disabled/test/positive6.json → ..._connections_disabled/test/positive6.json b/..._connections_disabled/test/positive6.json → ..._connections_disabled/test/positive6.json
diff --git a/...connections_disabled/test/positive7.bicep → ...connections_disabled/test/positive7.bicep b/...connections_disabled/test/positive7.bicep → ...connections_disabled/test/positive7.bicep
diff --git a/..._connections_disabled/test/positive7.json → ..._connections_disabled/test/positive7.json b/..._connections_disabled/test/positive7.json → ..._connections_disabled/test/positive7.json
diff --git a/...connections_disabled/test/positive8.bicep → ...connections_disabled/test/positive8.bicep b/...connections_disabled/test/positive8.bicep → ...connections_disabled/test/positive8.bicep
diff --git a/..._connections_disabled/test/positive8.json → ..._connections_disabled/test/positive8.json b/..._connections_disabled/test/positive8.json → ..._connections_disabled/test/positive8.json
diff --git a/...sabled/test/positive_expected_result.json → ...sabled/test/positive_expected_result.json b/...sabled/test/positive_expected_result.json → ...sabled/test/positive_expected_result.json
diff --git a/...res_sql_server_ssl_disabled/metadata.json → ...tgresql_server_ssl_disabled/metadata.json b/...res_sql_server_ssl_disabled/metadata.json → ...tgresql_server_ssl_disabled/metadata.json
@@ -8,6 +8,6 @@
   "platform": "AzureResourceManager",
   "descriptionID": "67cfaa3b",
   "cloudProvider": "azure",
-  "cwe": "",
+  "cwe": "732",
   "oldSeverity": "HIGH"
 }
diff --git a/...stgres_sql_server_ssl_disabled/query.rego → ...postgresql_server_ssl_disabled/query.rego b/...stgres_sql_server_ssl_disabled/query.rego → ...postgresql_server_ssl_disabled/query.rego
diff --git a/..._server_ssl_disabled/test/negative1.bicep → ..._server_ssl_disabled/test/negative1.bicep b/..._server_ssl_disabled/test/negative1.bicep → ..._server_ssl_disabled/test/negative1.bicep
diff --git a/...l_server_ssl_disabled/test/negative1.json → ...l_server_ssl_disabled/test/negative1.json b/...l_server_ssl_disabled/test/negative1.json → ...l_server_ssl_disabled/test/negative1.json
diff --git a/..._server_ssl_disabled/test/negative2.bicep → ..._server_ssl_disabled/test/negative2.bicep b/..._server_ssl_disabled/test/negative2.bicep → ..._server_ssl_disabled/test/negative2.bicep
diff --git a/...l_server_ssl_disabled/test/negative2.json → ...l_server_ssl_disabled/test/negative2.json b/...l_server_ssl_disabled/test/negative2.json → ...l_server_ssl_disabled/test/negative2.json
diff --git a/..._server_ssl_disabled/test/positive1.bicep → ..._server_ssl_disabled/test/positive1.bicep b/..._server_ssl_disabled/test/positive1.bicep → ..._server_ssl_disabled/test/positive1.bicep
diff --git a/...l_server_ssl_disabled/test/positive1.json → ...l_server_ssl_disabled/test/positive1.json b/...l_server_ssl_disabled/test/positive1.json → ...l_server_ssl_disabled/test/positive1.json
diff --git a/..._server_ssl_disabled/test/positive2.bicep → ..._server_ssl_disabled/test/positive2.bicep b/..._server_ssl_disabled/test/positive2.bicep → ..._server_ssl_disabled/test/positive2.bicep
diff --git a/...l_server_ssl_disabled/test/positive2.json → ...l_server_ssl_disabled/test/positive2.json b/...l_server_ssl_disabled/test/positive2.json → ...l_server_ssl_disabled/test/positive2.json
diff --git a/..._server_ssl_disabled/test/positive3.bicep → ..._server_ssl_disabled/test/positive3.bicep b/..._server_ssl_disabled/test/positive3.bicep → ..._server_ssl_disabled/test/positive3.bicep
diff --git a/...l_server_ssl_disabled/test/positive3.json → ...l_server_ssl_disabled/test/positive3.json b/...l_server_ssl_disabled/test/positive3.json → ...l_server_ssl_disabled/test/positive3.json
diff --git a/..._server_ssl_disabled/test/positive4.bicep → ..._server_ssl_disabled/test/positive4.bicep b/..._server_ssl_disabled/test/positive4.bicep → ..._server_ssl_disabled/test/positive4.bicep
diff --git a/...l_server_ssl_disabled/test/positive4.json → ...l_server_ssl_disabled/test/positive4.json b/...l_server_ssl_disabled/test/positive4.json → ...l_server_ssl_disabled/test/positive4.json
diff --git a/...sabled/test/positive_expected_result.json → ...sabled/test/positive_expected_result.json b/...sabled/test/positive_expected_result.json → ...sabled/test/positive_expected_result.json
diff --git a/...ureResourceManager/role_definitions_allow_custom_subscription_role_creation/metadata.json b/...ureResourceManager/role_definitions_allow_custom_subscription_role_creation/metadata.json
@@ -8,6 +8,6 @@
   "platform": "AzureResourceManager",
   "descriptionID": "7d8860a5",
   "cloudProvider": "azure",
-  "cwe": "",
+  "cwe": "266",
   "oldSeverity": "MEDIUM"
 }
diff --git a/assets/queries/azureResourceManager/secret_without_expiration_date/metadata.json b/assets/queries/azureResourceManager/secret_without_expiration_date/metadata.json
@@ -8,6 +8,6 @@
   "platform": "AzureResourceManager",
   "descriptionID": "bb5f96a2",
   "cloudProvider": "azure",
-  "cwe": "",
+  "cwe": "1390",
   "oldSeverity": "HIGH"
 }
diff --git a/assets/queries/azureResourceManager/sql_alert_policy_without_emails/metadata.json b/assets/queries/azureResourceManager/sql_alert_policy_without_emails/metadata.json
@@ -8,5 +8,5 @@
   "platform": "AzureResourceManager",
   "descriptionID": "3b84ba2d",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "778"
 }
diff --git a/...ts/queries/azureResourceManager/sql_database_server_firewall_allows_all_ips/metadata.json b/...ts/queries/azureResourceManager/sql_database_server_firewall_allows_all_ips/metadata.json
@@ -8,6 +8,6 @@
   "platform": "AzureResourceManager",
   "descriptionID": "6664d4d6",
   "cloudProvider": "azure",
-  "cwe": "",
+  "cwe": "284",
   "oldSeverity": "HIGH"
 }
diff --git a/assets/queries/azureResourceManager/sql_server_database_with_alerts_disabled/metadata.json b/assets/queries/azureResourceManager/sql_server_database_with_alerts_disabled/metadata.json
@@ -8,5 +8,5 @@
   "platform": "AzureResourceManager",
   "descriptionID": "e8a4e321",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "778"
 }
diff --git a/...ts/queries/azureResourceManager/sql_server_database_with_low_retention_days/metadata.json b/...ts/queries/azureResourceManager/sql_server_database_with_low_retention_days/metadata.json
@@ -8,6 +8,6 @@
   "platform": "AzureResourceManager",
   "descriptionID": "7867ae74",
   "cloudProvider": "azure",
-  "cwe": "",
+  "cwe": "778",
   "oldSeverity": "MEDIUM"
 }
diff --git a/assets/queries/azureResourceManager/sql_server_database_without_auditing/metadata.json b/assets/queries/azureResourceManager/sql_server_database_without_auditing/metadata.json
@@ -8,5 +8,5 @@
   "platform": "AzureResourceManager",
   "descriptionID": "16d077a1",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "778"
 }
diff --git a/assets/queries/azureResourceManager/standard_price_not_selected/metadata.json b/assets/queries/azureResourceManager/standard_price_not_selected/metadata.json
@@ -8,6 +8,6 @@
   "platform": "AzureResourceManager",
   "descriptionID": "2081c7dc",
   "cloudProvider": "azure",
-  "cwe": "",
+  "cwe": "732",
   "oldSeverity": "MEDIUM"
 }
diff --git a/.../queries/azureResourceManager/storage_account_allows_network_default_access/metadata.json b/.../queries/azureResourceManager/storage_account_allows_network_default_access/metadata.json
@@ -8,5 +8,5 @@
   "platform": "AzureResourceManager",
   "descriptionID": "6ae0507e",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "319"
 }
diff --git a/assets/queries/azureResourceManager/storage_account_allows_unsecure_transfer/metadata.json b/assets/queries/azureResourceManager/storage_account_allows_unsecure_transfer/metadata.json
@@ -8,6 +8,6 @@
   "platform": "AzureResourceManager",
   "descriptionID": "f87b26ea",
   "cloudProvider": "azure",
-  "cwe": "",
+  "cwe": "319",
   "oldSeverity": "HIGH"
 }
diff --git a/...ries/azureResourceManager/storage_blob_service_container_with_public_access/metadata.json b/...ries/azureResourceManager/storage_blob_service_container_with_public_access/metadata.json
@@ -8,5 +8,5 @@
   "platform": "AzureResourceManager",
   "descriptionID": "49e52e15",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "284"
 }
diff --git a/...zureResourceManager/storage_logging_for_read_write_delete_requests_disabled/metadata.json b/...zureResourceManager/storage_logging_for_read_write_delete_requests_disabled/metadata.json
@@ -8,5 +8,5 @@
   "platform": "AzureResourceManager",
   "descriptionID": "83fa7bb6",
   "cloudProvider": "azure",
-  "cwe": ""
+  "cwe": "778"
 }
diff --git a/assets/queries/azureResourceManager/trusted_microsoft_services_not_enabled/metadata.json b/assets/queries/azureResourceManager/trusted_microsoft_services_not_enabled/metadata.json
@@ -8,6 +8,6 @@
   "platform": "AzureResourceManager",
   "descriptionID": "88ca11b3",
   "cloudProvider": "azure",
-  "cwe": "",
+  "cwe": "284",
   "oldSeverity": "HIGH"
 }