Closed Cthulhu709 closed 2 years ago
6illess
commented
2 years ago Are you sure you are on the latest pyTenable version? We had the same issue and it was fixed by updating to the latest version. Which Python version are you using? I notice a reference to 3.6 in your output.
Cthulhu709
commented
2 years ago pyTenable has been updated today to the latest version, 1.4.3.. The errors were generated when it was earlier than that, but I don't recall where we started.
Python package is Python 2.7.5
6illess
commented
2 years ago Please try updating Python to v3.6 or higher.
Cthulhu709
commented
2 years ago Somewhere along the line... the output is shorter now.. so @6illess here's the latest..
Executing Tenable Remedy Vulnerability Ticketing Integration
Successfully Authenticated to Remedy
/usr/local/lib/python3.6/site-packages/tenable/base/platform.py:171: AuthenticationWarning: Starting an unauthenticated session
AuthenticationWarning)
Starting an unauthenticated session.
Traceback (most recent call last):
File "./vulnerability_ticketing.py", line 415, in
Cthulhu709
commented
2 years ago @6illess aren't there fundamental differences changing major Python distro versions?
6illess
commented
2 years ago That’s correct but as stated on https://pytenable.readthedocs.io/en/stable/
pyTenable version 1.2 is the first release to drop support for Python versions less than 3.6. If you are still using any of these deprecated python versions the 1.1 release will still work, however is no longer being actively developed or maintained.
If you’re using custom scripting you might want to review your code.
Cthulhu709
commented
2 years ago Apparently, we're already on 3.6....
[root@host TenablePy]# cd /opt/TenablePy/src/securitycenter/ [root@host securitycenter]# python3 Python 3.6.8 (default, Nov 18 2021, 10:07:16) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44.0.3)] on linux
[root@host TenablePy]# cat ./newcases.sh
cd /opt/TenablePy/src/securitycenter python3 ./vulnerability_ticketing.py
dzinni
commented
2 years ago It looks like Tenable.sc 5.20.0 is not providing info.version anymore. You can confirm that by adding something like print(self.info) right before self.version = self.info['version'] in __init__. The dictionary doesn't contain version. I have just added the following lines in __init__ as a quick workaround to get it working again.
if 'version' in self.info:
self.version = self.info['version']
else:
self.version = '5.20.0'Hope this helps.
Cthulhu709
commented
2 years ago Thanks for the info.
I've relayed it to our automation team, and tenable. I really think if this function is supported in 5.19, it shouldn't be yanked for a minor update.
We'll see what happens.
Thanks again.
Cthulhu709
commented
2 years ago @dzinni I had a look at the init.py, [git is removing the underscores] and the file is completely empty. I don't see self.info in the .py script that I Run, nor do I see any self
I've added your recommended code above to the init.py file, and it doesn't seem to work... I'm not proficient in Python, so I'm going to continue pursuing this with our automation team... but wanted to provide an update.
Thanks again.
damianzinni
commented
2 years ago Hi, based on the output you pasted when opening this issue, the file where you would make the change is /usr/local/lib/python3.6/site-packages/tenable/sc/init.py. Is that the one you were looking at?
You would need to replace this line self.info['version'] with the ones I mentioned earlier. Let me know if that works.
Cthulhu709
commented
2 years ago Hi @dzinni
Okay.. I found the other init.py...
def _key_auth(self, access_key, secret_key):
# 5.13, which is the minimum version of SC that supports API Keys. If
# we cant pull a version, then we will assume it's ok.
#mv - added override to define version for when it's not available
if 'version' in self.info:
self.version=self.info['version']
else:
self.version='5.20.0''
#mv end override
if (not self.version
or VersionInfo.parse(self.version).match('>=5.13.0')
):
self._session.headers.update({
'X-APIKey': f'accessKey={access_key}; secretKey={secret_key}'
})
self._auth_mech = 'keys'
else:
raise ConnectionError( .....I've handed this to our automation team members and am waiting for them to get back to me..
I gave it a try, but not being experienced in .py myself, I'm throwing poop at a wall... this was my output
Traceback (most recent call last):
File "./vulnerability_ticketing.py", line 12, in
Cthulhu709
commented
2 years ago Found the issues..
Fix provided by damianzinni works to resolve
Fix is to update referenced 'user' to 'username' and 'passwd' to 'password' when calling login.
Thanks for the help and code.. you saved us a lot of time banging our heads against the desk.
damianzinni
commented
2 years ago @Cthulhu709 - You may want to re-open this issue so it gets fixed by the package maintainers. My solution was just a workaround to get it working as soon as possible. Cheers.
Cthulhu709
commented
2 years ago Thanks. I've reopened it.
I'm a git newb so please forgive my transgressions. :)
damianzinni
commented
2 years ago FYI - This issue is fixed in the latest pytenable version:
@property
def version(self):
if not self._version:
# We will attempt to pull the version number from the system
# details method. If we get an APRError response, then we will
# simply pass through.
try:
version = self.system.details().get('version')
except APIError:
pass
else:
self._version = version
return self._version
SteveMcGrath
commented
2 years ago This was addressed in #514
Describe the bug Since updating to Tenable.SC 5.20, pyTenable is no longer able to login to the .SC host to perform it's queries. It is failing at Authentication, even though the credentials have not changed, and have been verified as valid using the user-login page.
To Reproduce Run the Python integration script
Expected behavior