diff --git a/dojo/tools/nmap/parser.py b/dojo/tools/nmap/parser.py index 27e505cfa12..70ed4691d78 100644 --- a/dojo/tools/nmap/parser.py +++ b/dojo/tools/nmap/parser.py @@ -96,6 +96,7 @@ def get_findings(self, file, test): "**Extra Info:** {}\n".format(port_element.find("service").attrib["extrainfo"]) ) description += service_info + script_id = None if script := port_element.find("script"): if script_id := script.attrib.get("id"): description += f"**Script ID:** {script_id}\n" @@ -126,6 +127,7 @@ def get_findings(self, file, test): severity=severity, mitigation="N/A", impact="No impact provided", + vuln_id_from_tool=script_id, ) find.unsaved_endpoints = [] dupes[dupe_key] = find diff --git a/dojo/tools/openvas/xml_parser.py b/dojo/tools/openvas/xml_parser.py index 32b7d001ca9..d765de9541f 100644 --- a/dojo/tools/openvas/xml_parser.py +++ b/dojo/tools/openvas/xml_parser.py @@ -16,6 +16,7 @@ def get_findings(self, filename, test): report = root.find("report") results = report.find("results") for result in results: + script_id = None for finding in result: if finding.tag == "name": title = finding.text @@ -27,7 +28,8 @@ def get_findings(self, filename, test): title = title + "_" + finding.text description.append(f"**Port**: {finding.text}") if finding.tag == "nvt": - description.append(f"**NVT**: {finding.text}") + script_id = finding.get("oid") + description.append(f"**NVT**: {script_id}") if finding.tag == "severity": severity = self.convert_cvss_score(finding.text) description.append(f"**Severity**: {finding.text}") @@ -38,10 +40,12 @@ def get_findings(self, filename, test): finding = Finding( title=str(title), + test=test, description="\n".join(description), severity=severity, dynamic_finding=True, static_finding=False, + vuln_id_from_tool=script_id, ) findings.append(finding) return findings