Edit Finding Severity
Edit the severity level of the given findings.
Permissions required: User must have WAS module enabled. User account must have these permissions:
- Access Permission: API Access
- Ignore Vulnerabilities permission
User must have access to web application which belongs to given WebAppVuln id. The output includes findings for web applications in the user's scope.
Input ParametersInput Parameters
These elements are optional and act as filters. When multiple elements are specified, parameters are combined using a logical AND.
Click here for available operators
|
Parameter |
Mandatory /Optional |
Data Type |
Description |
|---|---|---|---|
|
id |
Optional |
integer |
ID of the finding (WebAppVuln, WebAppIg, or WebAppSensitiveContent). |
|
uniqueId |
Optional |
value |
The 36-bit unique id assigned to the finding. For example:
|
|
new severity level |
Optional |
integer |
{1,2,3,4,5} |
|
comments |
Optional |
text |
User comments. |
Sample - Edit severity levelSample - Edit severity level
Edit severity for single finding.
API request:
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-
"<qualys_base_url>/qps/rest/3.0/editSeverity/was/finding/" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data:
<ServiceRequest>
<data>
<Finding>
<id>647</id>
<severityComment>Test comment API</severityComment>
<severity>2</severity>
</Finding>
</data>
</ServiceRequest>
XML response:
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/finding.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<Finding>
<id>647</id>
<uniqueId>8a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
</Finding>
</data>
</ServiceResponse>
Sample - Edit severity for multiple findingsSample - Edit severity for multiple findings
API request:
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "<qualys_base_url>/qps/rest/3.0/editSeverity/was/finding/" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data:
<ServiceRequest>
<data>
<Finding>
<severityComment>test comment api</severityComment>
<severity>2</severity>
</Finding>
</data>
<filters>
<Criteria field="id" operator="IN">183, 645</Criteria>
</filters>
</ServiceRequest>
XML response:
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/finding.xsd">
<responseCode>SUCCESS</responseCode>
<count>2</count>
<data>
<Finding>
<id>645</id>
<uniqueId>6a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
</Finding>
<Finding>
<id>183</id>
<uniqueId>5a2c4d31-5d28-2b92-e055-4943720a51ab</uniqueId>
</Finding>
</data>
</ServiceResponse>
Sample - Edit the severity of a finding using uniqueIdSample - Edit the severity of a finding using uniqueId
As every uniqueId is unique, using uniqueId, you could edit the severity of a finding.
API request:
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "<qualys_base_url>/qps/rest/3.0/editSeverity/was/finding/" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data:
<ServiceRequest>
<data>
<Finding>
<uniqueId>8a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
<severityComment>Test comment API</severityComment>
<severity>3</severity>
</Finding>
</data>
</ServiceRequest>
XML response:
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/finding.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<Finding>
<id>132990</id>
<uniqueId>8a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
</Finding>
</data>
</ServiceResponse>
XSD
<platform API server>/qps/xsd/3.0/was/finding.xsd