Ticketing Scheme 3: WAS Finding Vulnerability Linking Ticket Scheme

A parent ticket (Vulnerable Web App) is created for every vulnerable web app and synced by the WAS Finding API. A child ticket (Vulnerable QID) is then created for each unique combination of QID and Finding ID.

The Vulnerable QID tickets are:

If all the Vulnerable QID tickets under a Vulnerable Web App ticket are unlinked and there no other linked tickets, then the Vulnerable Web App tickets are closed.

Vulnerable Web App:

vulnerability web app

Vulnerable QID:

vulnerability qid

 

Custom Fields for Ticketing Scheme 3 - WAS_Finding_Vuln_Linking_Ticket_Scheme

The table below lists the custom fields you can add for ticketing scheme 3. Refer to Creating Custom Fields to start adding the custom fields to your ticketing scheme.

Issue Type

Field Name

Field Type

Searchable

Vulnerable Web App

Web App ID   

Number

Yes

Web App Name   

Text single line

Yes

Web App URL   

Text single line

Yes

Primary key

Text - Read-only

Yes

Vulnerable QID

 

Finding Source   

Text single line

Yes

Severity

Number   

 

Yes

Type

Text single line

Yes

QID

Number   

 

Yes

Detection type   

Text single line      

Yes

 

OWASP

Text single line   

Yes

CWE   

Text single line   

Yes

First detected    

Text single line   

Yes

Last detected   

Text single line   

Yes

Times detected   

Text single line   

Yes

Web App ID   

Number   

 

Yes

Finding ID

Number

Yes

 

CVSS V3 Attack Vector   

Text single line

 

Yes

CVSS V3 Temporal   

Number

Yes

CVSS V3 Base   

Number

Yes

CVSS Base   

Number

Yes

CVSS Temporal      

Number

Yes

Unique ID   

Text-single line   

Yes

Primary key

Text - Read-only

Yes

Threat

Text Field-multi line

Yes

Impact

Text Field-multi line

Yes

Solution

Text Field-multi line

Yes

As of now WAS module does not support customizing the template with additional Qualys WAS fields