Ticketing Scheme 4: Per Web App Finding Ticket Scheme

A single ticket (Finding Vulnerability) is created for every unique combination of detected Web APP, QID and Findings, Only if the detection status are in New/Active/Reopen/Protected. 

On successful creation of tickets with Ticketing Scheme 4, your web app and vulnerability details are displayed as shown below.

Finding Vulnerability: 

finding vulnerability

Custom Fields for Ticketing Scheme 4 - Per_Web_App_Finding_Ticket_Scheme

The table below lists the custom fields you can add for ticketing scheme 4. Refer to Creating Custom Fields to start adding the custom fields to your ticketing scheme.

Issue Type

Field Name

Field Type

Searchable

Finding Vulnera­bility

 

CVSS V3 Attack Vector   

Text single line

 

Yes

CVSS V3 Tempo­ral   

Number

Yes

CVSS V3 Base   

Number

Yes

CVSS Base   

Number

Yes

CVSS Temporal      

Number

Yes

Web App URL   

Text single line

Yes

Web App Name   

Text single line

Yes

Web App ID   

Number   

Yes

Times detected   

Text single line      

Yes

Last detected   

Text single line   

Yes

First detected   

Text single line   

Yes

CWE   

Text single line   

Yes

OWASP   

Text single line   

Yes

Detection type

Text-single line   

Yes

QID

Number

Yes

 

Type   

Text-single line   

Yes

Unique ID   

Text-single line   

Yes

Finding ID   

Number

Yes

 

Severity   

Number

Yes

 

Detection Status

Text-single line   

Yes

Finding Source   

Text-single line   

Yes

Primary key

Text - Read-only

Yes

Threat

Text Field-multi line

Yes

Impact

Text Field-multi line

Yes

Solution

Text Field-multi line

Yes

As of now WAS module does not support customizing the template with additional Qualys WAS fields