Edit Finding Severity

[POST] /qps/rest/3.0/editSeverity/was/finding

[POST] /qps/rest/3.0/editSeverity/was/finding/<id>

Edit the severity level of the given findings.

Permissions required - User must have WAS module enabled. User account must have these permissions: Access Permission “API Access” and "Ignore Vulnerabilities" permission. User must have access to web application which belongs to given WebAppVuln id. The output includes findings for web applications in the user's scope.

Input ParametersInput Parameters

These elements are optional and act as filters. When multiple elements are specified, parameters are combined using a logical AND.

Click here for available operators

Parameter

Mandatory

/Optional

Data Type

Description

id

Optional

integer

ID of the finding (WebAppVuln, WebAppIg, or WebAppSensitiveContent).

uniqueId

Optional

value

The 36-bit unique id assigned to the finding.

For example:   

<Finding>
   <id>132990</id>
   <uniqueId>8a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
    <qid>150004</qid>
...

new severity level

Optional

integer

{1,2,3,4,5}

comments

Optional

text

User comments.

Sample - Edit severity levelSample - Edit severity level

Edit severity for single finding.

API request

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-
"<qualys_base_url>/qps/rest/3.0/editSeverity/was/finding/" < file.xml
Note: “file.xml” contains the request POST data.      
    

Request POST data

<ServiceRequest>
    <data>
        <Finding>
            <id>647</id>
            <severityComment>Test comment API</severityComment>
            <severity>2</severity>
        </Finding>
    </data>
</ServiceRequest>     
    

XML response

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/finding.xsd">
    <responseCode>SUCCESS</responseCode>
    <count>1</count>
    <data>
        <Finding>
            <id>647</id>
            <uniqueId>8a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
        </Finding>
    </data>
</ServiceResponse>      
    

Sample - Edit severity for multiple findingsSample - Edit severity for multiple findings

API request

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "<qualys_base_url>/qps/rest/3.0/editSeverity/was/finding/" < file.xml
Note: “file.xml” contains the request POST data.      
    

Request POST data

<ServiceRequest>
    <data>
        <Finding>
            <severityComment>test comment api</severityComment>
            <severity>2</severity>
        </Finding>
    </data>
    <filters>
        <Criteria field="id" operator="IN">183, 645</Criteria>
    </filters>
</ServiceRequest>      
    

XML response

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/finding.xsd">
    <responseCode>SUCCESS</responseCode>
    <count>2</count>
    <data>
        <Finding>
            <id>645</id>
            <uniqueId>6a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
        </Finding>
        <Finding>
            <id>183</id>
            <uniqueId>5a2c4d31-5d28-2b92-e055-4943720a51ab</uniqueId>
        </Finding>
    </data>
</ServiceResponse>    
    

Sample - Edit the severity of a finding using uniqueIdSample - Edit the severity of a finding using uniqueId

As every uniqueId is unique, using uniqueId, you could edit the severity of a finding.

API request

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "<qualys_base_url>/qps/rest/3.0/editSeverity/was/finding/" < file.xml
Note: “file.xml” contains the request POST data.     
    

Request POST data

<ServiceRequest>
    <data>
        <Finding>
            <uniqueId>8a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
            <severityComment>Test comment API</severityComment>
            <severity>3</severity>
        </Finding>
    </data>
</ServiceRequest>      
    

XML response

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/finding.xsd">
    <responseCode>SUCCESS</responseCode>
    <count>1</count>
    <data>
        <Finding>
            <id>132990</id>
            <uniqueId>8a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
        </Finding>
    </data>
</ServiceResponse>      
    

XSD

<platform API server>/qps/xsd/3.0/was/finding.xsd