Closed SeanWrightFeat closed 1 year ago
@damiencarol and @mtesauro: This issue reults from this commit: https://github.com/DefectDojo/django-DefectDojo/pull/7684/commits/74a4fc886e259b2ddc8734137a37682bb673e9a3
We have two options here to resolve this:
The problem is that in case 1 we rely on the possibility to automatically update the severity of a finding. Is this planned for V3?
@manuel-sommer I assume "untriaged" is the same as the "Pending" described here
If that's the case, I'd skip all 'untriaged' findings as Wazuh isn't sure they're really vulnerable at the time the file was generated. Also, subsequent Wazuh scans will show those as "valid" in future imports so they will be finding in DefectDojo once Wazuh is sure of their state.
I'd personally rather have untriaged findings dropped than cluttering up DefectDojo.
There's maybe a case to bring them in under Info but since info findings aren't action-able, I don't see how adding info findings into DefectDojo for Wazuh imports adds any value for the DefectDojo users.
HTH
@mtesauro I agree to this and add a PR today / tomorrow.
You can close this issue @SeanWrightFeat
I got it.
Thanks all the help with this, really appreciate it!
@SeanWrightFeat Thanks for the PR - we always appreciate the community's work to make DefectDojo even better :+1:
Bug description If a vulnerability in a Wazuh import has the severity of
Untriaged
, this results in an error in the import since this doesn't map to a severity within DefectDojo:Steps to reproduce Steps to reproduce the behavior:
Untriaged
Expected behavior A clear and concise description of what you expected to happen.
Deployment method (select with an
X
)Environment information
Logs
Sample scan files