A single ticket (Finding Vulnerability) is created for every unique combination of detected Web APP, QID and Findings, Only if the detection status are in New/Active/Reopen/Protected.
On successful creation of tickets with Ticketing Scheme 4, your web app and vulnerability details are displayed as shown below.
The table below lists the custom fields you can add for ticketing scheme 4. Refer to Creating Custom Fields to start adding the custom fields to your ticketing scheme.
Issue Type |
Field Name |
Field Type |
Searchable |
---|---|---|---|
Finding Vulnerability
|
CVSS V3 Attack Vector |
Text single line
|
Yes |
CVSS V3 Temporal |
Number |
Yes |
|
CVSS V3 Base |
Number |
Yes |
|
CVSS Base |
Number |
Yes |
|
CVSS Temporal |
Number |
Yes |
|
Web App URL |
Text single line |
Yes |
|
Web App Name |
Text single line |
Yes |
|
Web App ID |
Number |
Yes |
|
Times detected |
Text single line |
Yes |
|
Last detected |
Text single line |
Yes |
|
First detected |
Text single line |
Yes |
|
CWE |
Text single line |
Yes |
|
OWASP |
Text single line |
Yes |
|
Detection type |
Text-single line |
Yes |
|
QID |
Number |
Yes
|
|
Type |
Text-single line |
Yes |
|
Unique ID |
Text-single line |
Yes |
|
Finding ID |
Number |
Yes
|
|
Severity |
Number |
Yes
|
|
Detection Status |
Text-single line |
Yes |
|
Finding Source |
Text-single line |
Yes |
|
Primary key |
Text - Read-only |
Yes |
|
Threat |
Text Field-multi line |
Yes |
|
Impact |
Text Field-multi line |
Yes |
|
Solution |
Text Field-multi line |
Yes |
As of now WAS module does not support customizing the template with additional Qualys WAS fields