Ticketing Scheme 3: WAS Finding Vulnerability Linking Ticket Scheme

A parent ticket (Vulnerable Web App) is created for every vulnerable web app and synced by the WAS Finding API. A child ticket (Vulnerable QID) is then created for each unique combination of QID and Finding ID.

The Vulnerable QID tickets are:

Linked to the Vulnerable Web App if respective detection status are in New/Active/Reopen/Protected.
Unlinked from the Vulnerable Web App ticket if they are re-synced in a Fixed status.

If all the Vulnerable QID tickets under a Vulnerable Web App ticket are unlinked and there no other linked tickets, then the Vulnerable Web App tickets are closed.

Vulnerable Web App:

Vulnerable QID:

Custom Fields for Ticketing Scheme 3 - WAS_Finding_Vuln_Linking_Ticket_Scheme

The table below lists the custom fields you can add for ticketing scheme 3. Refer to Creating Custom Fields to start adding the custom fields to your ticketing scheme.

Issue Type	Field Name	Field Type	Searchable
Vulnerable Web App	Web App ID	Number	Yes
	Web App Name	Text single line	Yes
	Web App URL	Text single line	Yes
	Primary key	Text - Read-only	Yes
Vulnerable QID	Finding Source	Text single line	Yes
	Severity	Number	Yes
	Type	Text single line	Yes
	QID	Number	Yes
	Detection type	Text single line	Yes
	OWASP	Text single line	Yes
	CWE	Text single line	Yes
	First detected	Text single line	Yes
	Last detected	Text single line	Yes
	Times detected	Text single line	Yes
	Web App ID	Number	Yes
	Finding ID	Number	Yes
	CVSS V3 Attack Vector	Text single line	Yes
	CVSS V3 Temporal	Number	Yes
	CVSS V3 Base	Number	Yes
	CVSS Base	Number	Yes
	CVSS Temporal	Number	Yes
	Unique ID	Text-single line	Yes
	Primary key	Text - Read-only	Yes
	Threat	Text Field-multi line	Yes
	Impact	Text Field-multi line	Yes
	Solution	Text Field-multi line	Yes

Currently, WAS module does not support customizing the template with additional Qualys WAS fields.

Last updated: September, 2025