Third-Party Vulnerability Entry

Table Name: (sn_vul_third_party_entry)

The following table contains filed mappings for Third-Party Vulnerability Entry:

Field in Qualys KB API Response  Corresponding Field on ServiceNow UI Expected Values
<QID> ID vulnerability qid
<TITLE> Name name of the vulnerability

<CVSS>

.. <TEMPORAL> ..

</CVSS>

 Temporal score (v2) CVSS v2 temporal score

<CVSS_V3>

.. <TEMPORAL> ..

</CVSS_V3>

 Temporal score (v3) CVSS v3 temporal score
<SEVERITY_LEVEL> Source Severity     vulnerability severity level

<CVSS> <ACCESS> <COMPLEXITY>

</ACCESS> <CVSS>

 Access complexity (v2)

 (1,2,3)                                       

The KB API responds with CVSS V2 Access Complexity as numeric values, which is mapped in the ServiceNow field as is.       

<CVSS>

<ACCESS>

<VECTOR>

</ACCESS> <CVSS>

 Access vector (v2)

 (1,2,3)                                       

The KB API responds with CVSS V2 Access Vector as numeric values, which is mapped in the ServiceNow field as is.       

<CVSS_V3>

<ATTACK>

<COMPLEXITY>

</ATTACK>

<CVSS_V3>

 Attack complexity (v3)

 (1,2)                                            

The KB API responds with CVSS V3 Attack Complexity as numeric values, which are mapped in the ServiceNow field as is.     

<CVSS_V3>

<ATTACK>

<VECTOR>

</ATTACK>

<CVSS_V3>

 Attack vector (v3)

 (1,2,3,4)                                       

The KB API responds with CVSS V3 Attack vector as numeric values, which is mapped in the ServiceNow field as is.        

<CVSS>

<AUTHENTICATION>

</CVSS>

 Authentication (v2)

 (1,2,3)                                       

The KB API responds with CVSS V2 Authentication as numeric values, which is mapped in the ServiceNow field as is.       

<CVSS><IMPACT>

<AVAILABILITY>

</IMPACT></CVSS>

 Availability impact (v2)

 (1,2,3)                                        

The KB API responds with CVSS V2 Availability Impact as numeric values, which is mapped in the ServiceNow field as is.       

<CVSS_V3>

<IMPACT>

<AVAILABILITY>

</IMPACT>

</CVSS_V3>

 Availability impact (v3)

 (1,2,3)                                       

The KB API responds with CVSS V3 Availability Impact as numeric values, which is mapped in the ServiceNow field as is.       

<CVSS><IMPACT>

<CONFIDENTIALITY>

</IMPACT>

</CVSS>

 Confidentiality impact (v2)

 (1,2,3)                                       

The KB API responds with CVSS V2 Confidentiality Impact as numeric values, which are mapped in the ServiceNow field as is.       

<CVSS_V3>

<IMPACT>

<CONFIDENTIALITY>

</IMPACT>

</CVSS_V3>

 Confidentiality impact (v3)

 (1,2,3)                                       

The KB API responds with CVSS V3 Confidentiality Impact as numeric values, which are mapped in the ServiceNow field as is.        

<CVSS_V3>

<EXPLOIT_CODE_MATURITY>

</CVSS_V3>

 Exploit code maturity (v3)

 (1,2,3,4)                                       

The KB API responds with CVSS V3 Exploit Code Maturity as numeric values, which is mapped in the ServiceNow field as is.  

<CVSS>

<EXPLOITABILITY>

3

</EXPLOITABILITY>

</CVSS>

 Exploitability subscore (v2)

 (1,2,3,4)                                       

The KB API responds with CVSS V2 Exploitability Subscore as numeric values, which is mapped in the ServiceNow field as is.      

<CVSS_V3>

<IMPACT>

<INTEGRITY>

</IMPACT>

</CVSS_V3>

 Integrity impact (v3)

 (1,2,3)                                       

The KB API responds with CVSS V3 Integrity Impact as numeric values, which is mapped in the ServiceNow field as is.       

<CVSS_V3>

<PRIVILEGES_REQUIRED>

</CVSS_V3>

 Privileges required (v3)

 (1,2,3)                                       

The KB API responds with CVSS V3 Privileges Required as numeric values, which are mapped in the ServiceNow field as is.

<CVSS>

<REMEDIATION_LEVEL>

</CVSS>

 Remediation level (v2)

 (1,2,3,4)                                       

The KB API responds with CVSS V2 Remediation level as numeric values, which is mapped in the ServiceNow field as is.   

<CVSS_V3>

<REMEDIATION_LEVEL>

</CVSS_V3>

 Remediation level (v3)

 (1,2,3,4)                                       

The KB API responds with CVSS V3 Remediation level as numeric values, which is mapped in the ServiceNow field as is.
<SOLUTION> Remediation notes  

<CVSS>

<REPORT_CONFIDENCE>

</CVSS>

 Report confidence (v2)

 (1,2,3)                                       

The KB API responds with CVSS V2 Report Confidence as numeric values, which is mapped in the ServiceNow field as is.      

<CVSS_V3>

<REPORT_CONFIDENCE>

</CVSS_V3>

 Report confidence (v3)

 (1,2,3)                                       

The KB API responds with CVSS V3 Report Confidence as numeric values, which is mapped in the ServiceNow field as is.

<CVSS_V3>

<SCOPE>

</CVSS_V3>

 Scope change (v3)

 (1,2)                                            

The KB API responds with CVSS V3 Scope Change as numeric values, which is mapped in the ServiceNow field as is.    
<DIAGNOSIS> Threat  

<CVSS_V3>

<USER_INTERACTION>

</CVSS_V3>

 User interaction (v3)

 (1,2)                                            

The KB API responds with CVSS V3 User Interaction as numeric values, which are mapped in the ServiceNow field as is         

<CVSS>

<VECTOR_STRING>

</CVSS>

 Vector string (v2) CVSS v2 vector string

<CVSS_V3>

<VECTOR_STRING>

</CVSS_V3>

 Vector string (v3) CVSS v3 vector string

<CVSS>

<IMPACT>

<INTEGRITY>

</IMPACT>

</CVSS>

 Integrity impact (v2)  

<CVSS>

 <EXPLOITABILITY>3

</EXPLOITABILITY>

</CVSS>

 Exploitability (v2) (1,2,3,4) 

The KB API responds with CVSS V2 Exploitability Subscore as numeric values, which is mapped in the ServiceNow field as is.      
  Source  Qualys(HardCoded)

<CATEGORY>

</CATEGORY>

 Category  
<CORRELATION>
      <EXPLOITS>
       <EXPLT_LIST>
            <EXPLT>
             <DESC></DESC>  </EXPLT></EXPLT_LIST> </EXPLOITS></CORRELATION>		 Summary  

 

Related Topic

Discovered Container Image

Container Vulnerable Item

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.