regscale-cli 6.16.1.0__py3-none-any.whl → 6.16.3.0__py3-none-any.whl

regscale/models/integration_models/tenable_models/integration.py

@@ -3,6 +3,7 @@ This module contains the Tenable SC Integration class that is responsible for fe
 """
 
 import logging
+import re
 from typing import Any, Iterator, List, Optional, Tuple
 
 from regscale.core.app.utils.app_utils import epoch_to_datetime
@@ -114,14 +115,34 @@ class SCIntegration(ScannerIntegration):
 
         validated_match = integration_mapping.field_map_validation(obj=vuln, model_type="asset")
         asset_identifier = validated_match or vuln.dnsName or vuln.dns or vuln.ip
-        cvss_score = self.get_cvss_score(vuln)
+        cvss_scores = self.get_cvss_scores(vuln)
         severity = self.finding_severity_map.get(vuln.severity.name, regscale_models.IssueSeverity.Low)
 
+        installed_versions_str = ""
+        fixed_versions_str = ""
+        package_path_str = ""
+
+        if "Installed package" in vuln.pluginText:
+            installed_versions = re.findall(r"Installed package\s*:\s*(\S+)", vuln.pluginText)
+            installed_versions_str = ", ".join(installed_versions)
+        if "Fixed package" in vuln.pluginText:
+            fixed_versions = re.findall(r"Fixed package\s*:\s*(\S+)", vuln.pluginText)
+            fixed_versions_str = ", ".join(fixed_versions)
+        if "Path" in vuln.pluginText:
+            package_path = re.findall(r"Path\s*:\s*(\S+)", vuln.pluginText)
+            package_path_str = ", ".join(package_path)
+        if "Installed version" in vuln.pluginText:
+            installed_versions = re.findall(r"Installed version\s*:\s*(.+)", vuln.pluginText)
+            installed_versions_str = ", ".join(installed_versions)
+        if "Fixed version" in vuln.pluginText:
+            fixed_versions = re.findall(r"Fixed version\s*:\s*(.+)", vuln.pluginText)
+            fixed_versions_str = ", ".join(fixed_versions)
+
         return IntegrationFinding(
             control_labels=[],  # Add an empty list for control_labels
             category="Tenable SC Vulnerability",  # Add a default category
             dns=vuln.dnsName,
-            title=getter("title") or (vuln.synopsis or vuln.pluginName),  # BMC Add CVE to title
+            title=getter("title") or f"{cve}: {vuln.synopsis}" if cve else (vuln.synopsis or vuln.pluginName),
             description=getter("description") or (vuln.description or vuln.pluginInfo),
             severity=severity,
             status=regscale_models.IssueStatus.Open,  # Findings of > Low are considered as FAIL
@@ -133,8 +154,11 @@ class SCIntegration(ScannerIntegration):
             date_last_updated=epoch_to_datetime(vuln.lastSeen),
             recommendation_for_mitigation=vuln.solution,
             cve=cve,
-            cvss_v3_score=cvss_score,
-            cvss_score=cvss_score,
+            cvss_v3_score=cvss_scores.get("cvss_v3_base_score", 0.0),
+            cvss_score=cvss_scores.get("cvss_v3_base_score", 0.0),
+            cvss_v3_vector=vuln.cvssV3Vector,
+            cvss_v2_score=cvss_scores.get("cvss_v2_base_score", 0.0),
+            cvss_v2_vector=vuln.cvssVector,
             vpr_score=float(vuln.vprScore) if vuln.vprScore else None,
             comments=vuln.cvssV3Vector,
             plugin_id=vuln.pluginID,
@@ -144,9 +168,16 @@ class SCIntegration(ScannerIntegration):
             basis_for_adjustment="Tenable SC import",
             vulnerability_type="Tenable SC Vulnerability",
             vulnerable_asset=vuln.dnsName,
+            build_version="",
+            affected_os=vuln.operatingSystem,
+            affected_packages=vuln.pluginName,
+            package_path=package_path_str,
+            installed_versions=installed_versions_str,
+            fixed_versions=fixed_versions_str,
+            fix_status="",
         )
 
-    def get_cvss_score(self, vuln: TenableAsset) -> float:
+    def get_cvss_scores(self, vuln: TenableAsset) -> dict:
         """
         Returns the CVSS score for the finding
 
@@ -154,10 +185,14 @@ class SCIntegration(ScannerIntegration):
         :return: The CVSS score
         :rtype: float
         """
+        res = {}
         try:
-            res = float(vuln.cvssV3BaseScore) if vuln.cvssV3BaseScore else 0.0
+            res["cvss_v3_base_score"] = float(vuln.cvssV3BaseScore) if vuln.cvssV3BaseScore else 0.0
+            res["cvss_v2_base_score"] = float(vuln.baseScore) if vuln.baseScore else 0.0
         except (ValueError, TypeError):
-            res = 0.0
+            res["cvss_v3_base_score"] = 0.0
+            res["cvss_v2_base_score"] = 0.0
+
         return res
 
     def to_integration_asset(self, asset: TenableAsset, **kwargs: dict) -> IntegrationAsset:

regscale/models/integration_models/veracode.py

@@ -1,8 +1,9 @@
-from typing import List, Optional
+from typing import List, Optional, Union
 
 from regscale.core.app.logz import create_logger
 from regscale.core.app.utils.app_utils import get_current_datetime
-from regscale.models import Asset, Vulnerability, Mapping, ImportValidater
+from regscale.integrations.scanner_integration import IntegrationFinding
+from regscale.models import Asset, Vulnerability, ImportValidater, IssueStatus
 from regscale.models.integration_models.flat_file_importer import FlatFileImporter
 
 APP_NAME = "@app_name"
@@ -17,26 +18,34 @@ class Veracode(FlatFileImporter):
         self.vuln_title = "PROBLEM_TITLE"
         self.fmt = "%Y-%m-%d"
         self.dt_format = "%Y-%m-%d %H:%M:%S"
-        csv_headers = [
+        xlsx_headers = [
             "Source",
         ]
         xml_headers = [
             "app_name",
         ]
+        json_headers = [
+            "findings",
+            "project_name",
+        ]
         self.mapping_file = kwargs.get("mappings_path")
         self.disable_mapping = kwargs.get("disable_mapping")
         file_type = kwargs.get("file_type")
-        if file_type == ".xml":
+        xml_tag = None
+        if "xml" in file_type:
             self.required_headers = xml_headers
             xml_tag = "detailedreport"
+        elif "xlsx" in file_type:
+            self.required_headers = xlsx_headers
         else:
-            self.required_headers = csv_headers
-            xml_tag = None
+            self.required_headers = json_headers
         self.validater = ImportValidater(
             self.required_headers, kwargs.get("file_path"), self.mapping_file, self.disable_mapping, xml_tag=xml_tag
         )
         self.headers = self.validater.parsed_headers
         self.mapping = self.validater.mapping
+        if file_type == ".json":
+            self.asset_identifier = self.mapping.get_value(self.validater.data, "project_name", "")
         super().__init__(
             logger=logger,
             headers=self.headers,
@@ -57,10 +66,14 @@ class Veracode(FlatFileImporter):
         version = None
         # Veracode is a Web Application Security Scanner, so these will be software assets, scanning a
         # single web application
-        if "detailedreport" in self.mapping.mapping.keys():
-            name = self.mapping.get_value(dat, "detailedreport", {}).get(APP_NAME, "")
-            account_id = self.mapping.get_value(dat, "detailedreport", {}).get(ACCOUNT_ID, "")
-            version = self.mapping.get_value(dat, "detailedreport", {}).get(VERSION, "")
+        if "xml" in self.attributes.file_type:
+            detailed_report_data = dat.get("detailedreport", {})
+            name = detailed_report_data.get(APP_NAME, "")
+            account_id = detailed_report_data.get(ACCOUNT_ID, "")
+            version = detailed_report_data.get(VERSION, "")
+        elif "json" in self.attributes.file_type:
+            name = self.mapping.get_value(dat, "project_name", "")
+            account_id = self.asset_identifier
         else:
             name = self.mapping.get_value(dat, "Source", "")
             account_id = str(self.mapping.get_value(dat, "ID", ""))
@@ -88,7 +101,7 @@ class Veracode(FlatFileImporter):
         )
         return [asset]
 
-    def create_vuln(self, dat: Optional[dict] = None, **kwargs) -> List[Vulnerability]:
+    def create_vuln(self, dat: Optional[dict] = None, **kwargs) -> Union[List[Vulnerability], List[IntegrationFinding]]:
         """
         Create a RegScale vulnerability from a vulnerability in the Veracode export file
 
@@ -96,30 +109,62 @@ class Veracode(FlatFileImporter):
         :return: List of RegScale Vulnerability objects
         :rtype: List[Vulnerability]
         """
-        import_type = "xml" if isinstance(dat, str) else "csv"
         # Veracode is a Web Application Security Scanner, so these will be software assets,
         # scanning a single web application
-        if import_type == "xml":
-            name = self.mapping.get_value(dat, "detailedreport", {}).get(APP_NAME, "")
-            all_sev_data = self.mapping.get_value(dat, "detailedreport", {}).get("severity", [])
+        if "xml" in self.attributes.file_type:
+            detailed_report_data = dat.get("detailedreport", {})
+            name = detailed_report_data.get(APP_NAME, "")
+            all_sev_data = detailed_report_data.get("severity", [])
             severity = self.severity_info(all_sev_data)[0] if all_sev_data else "low"
             if severity_data := self.severity_info(all_sev_data):
-                if isinstance(severity_data, list) and len(severity_data) >= 2:
+                if isinstance(severity_data, tuple) and len(severity_data) >= 2:
                     cwes = [
-                        f"{c.get('cweid')} {c.get('cwename')}" for c in severity_data[1].get("cwe", [])
+                        f"{c.get('@cweid')} {c.get('@cwename')}" for c in severity_data[1].get("cwe", [])
                     ]  # Multiple cwes per asset in official XML
             else:
                 cwes = []
-        else:
+        elif "xlsx" in self.attributes.file_type:
             name = self.mapping.get_value(dat, "Source", "")
             severity = self.mapping.get_value(dat, "Sev", "").lower()
             cwes = [self.mapping.get_value(dat, "CWE ID & Name", [])]  # Coalfire should flatten data for asset -> cwes
+        elif "json" in self.attributes.file_type:
+            return self._parse_json_findings(**kwargs)
 
-        return self.process_csv_vulns(name, cwes, severity)
+        return self.process_vuln_data(name, cwes, severity)
 
-    def process_csv_vulns(self, hostname: str, cwes: List[str], severity: str) -> List[Vulnerability]:
+    def _parse_json_findings(self, **kwargs) -> List[IntegrationFinding]:
         """
-        Process the CSV findings from the ECR scan
+        Parse the JSON findings from the Veracode .json export file
+
+        :return: List of IntegrationFinding objects
+        :rtype: List[IntegrationFinding]
+        """
+        findings: List[IntegrationFinding] = []
+        for vuln in self.mapping.get_value(kwargs.get("data", self.validater.data), "findings", []):
+            if title := vuln.get("issue_type", vuln.get("title", "")):
+                findings.append(
+                    IntegrationFinding(
+                        title=title,
+                        description=vuln.get("display_text", "No description available"),
+                        severity=self.finding_severity_map.get(self.hit_mapping().get(vuln.get("severity", 0)), "Low"),
+                        status=IssueStatus.Open,
+                        plugin_name=vuln.get(title, self.name),
+                        plugin_id=vuln.get("cwe_id", vuln.get("issue_id", "")),
+                        plugin_text=vuln.get("issue_type", ""),
+                        asset_identifier=self.asset_identifier,
+                        first_seen=self.scan_date,
+                        last_seen=self.scan_date,
+                        scan_date=self.scan_date,
+                        category="Software",
+                        is_cwe=True,
+                        control_labels=[],
+                    )
+                )
+        return findings
+
+    def process_vuln_data(self, hostname: str, cwes: List[str], severity: str) -> List[Vulnerability]:
+        """
+        Process the vulnerability data to create a list of vulnerabilities
 
         :param str hostname: The hostname
         :param List[str] cwes: The CWEs
@@ -137,7 +182,7 @@ class Veracode(FlatFileImporter):
 
     def create_vulnerability_object(
         self, asset: Asset, hostname: str, cwe: str, severity: str, description: str
-    ) -> Vulnerability:
+    ) -> IntegrationFinding:
         """
         Create a vulnerability from a row in the Veracode file
 
@@ -146,33 +191,25 @@ class Veracode(FlatFileImporter):
         :param str cwe: The CWE
         :param str severity: The severity
         :param str description: The description
-        :return: The vulnerability
-        :rtype: Vulnerability
-        """
-        config = self.attributes.app.config
-
-        return Vulnerability(  # type: ignore
-            id=0,
-            scanId=0,
-            parentId=asset.id,
-            parentModule="assets",
-            ipAddress="0.0.0.0",
-            lastSeen=get_current_datetime(),  # No timestamp on Veracode
-            firstSeen=get_current_datetime(),  # No timestamp on Veracode
-            daysOpen=None,
-            dns=hostname,
-            mitigated=None,
-            operatingSystem=asset.operatingSystem,
-            severity=severity,
-            plugInName=cwe,
-            cve="",
-            tenantsId=0,
+        :return: The equivalent IntegrationFinding object
+        :rtype: IntegrationFinding
+        """
+        return IntegrationFinding(
             title=f"{cwe} on asset {asset.name}",
-            description=cwe,
-            plugInText=description,
-            createdById=config["userId"],
-            lastUpdatedById=config["userId"],
-            dateCreated=get_current_datetime(),
+            description=description,
+            status=IssueStatus.Open,
+            dns=hostname,
+            first_seen=self.scan_date,
+            last_seen=self.scan_date,
+            scan_date=self.scan_date,
+            category="Software",
+            is_cwe=True,
+            severity=self.finding_severity_map.get(self.hit_mapping().get(severity.title(), "Low")),
+            plugin_name=cwe,
+            plugin_id=cwe,
+            plugin_text=description,
+            asset_identifier=hostname,
+            control_labels=[],
         )
 
     def get_asset(self, hostname: str) -> Optional[Asset]:
@@ -214,4 +251,10 @@ class Veracode(FlatFileImporter):
             "2": "low",
             "1": "low",
             "0": "info",
+            5: "Critical",
+            4: "High",
+            3: "Medium",
+            2: "Low",
+            1: "Low",
+            0: "Low",
         }

regscale/models/regscale_models/regscale_model.py

@@ -1503,7 +1503,7 @@ class RegScaleModel(BaseModel, ABC):
         :rtype: Optional[T]
         """
         if response and response.ok:
-            logger.info(json.dumps(response.json(), indent=4))
+            logger.debug(json.dumps(response.json(), indent=4))
             return cast(T, cls(**response.json()))
         else:
             cls.log_response_error(response=response, suppress_error=suppress_error)

regscale/models/regscale_models/user.py

@@ -75,11 +75,10 @@ class User(RegScaleModel):
         :param str v: homePageUrl value
         :return: The homePageUrl if the RegScale version is compatible, None otherwise
         """
-        from packaging.version import Version
+        from regscale.utils.version import RegscaleVersion
 
-        regscale_version = cls._get_api_handler().regscale_version
-
-        if len(regscale_version) >= 10 or Version(regscale_version) >= Version("6.14.0.0"):
+        rv = RegscaleVersion()
+        if rv.meets_minimum_version("6.14.0.0"):
             return v
         else:
             return None

regscale/models/regscale_models/vulnerability.py

@@ -87,6 +87,17 @@ class Vulnerability(RegScaleModel):
     isPublic: bool = Field(default=False)
     dateClosed: Optional[str] = None
     status: Optional[VulnerabilityStatus] = VulnerabilityStatus.Open
+    buildVersion: Optional[str] = None
+    cvsSv3BaseVector: Optional[str] = None
+    cvsSv2BaseVector: Optional[str] = None
+    cvsSv2BaseScore: Optional[Union[float, int]] = None
+    affectedOS: Optional[str] = None
+    packagePath: Optional[str] = None
+    imageDigest: Optional[str] = None
+    affectedPackages: Optional[str] = None
+    installedVersions: Optional[str] = None
+    fixedVersions: Optional[str] = None
+    fixStatus: Optional[str] = None
 
     @field_validator("plugInId")
     def validate_regscale_version_and_plugin_id_type(cls, v: Union[int, str]) -> Union[int, str, None]:
@@ -153,6 +164,16 @@ class Vulnerability(RegScaleModel):
             "tenants_id": "tenantsId",
             "is_public": "isPublic",
             "date_closed": "dateClosed",
+            "build_version": "buildVersion",
+            "cvss_v3_vector": "cvsSv3BaseVector",
+            "cvss_v2_score": "cvsSv2BaseScore",
+            "cvss_v2_vector": "cvsSv2BaseVector",
+            "affected_os": "affectedOS",
+            "image_digest": "imageDigest",
+            "affected_packages": "affectedPackages",
+            "installed_versions": "installedVersions",
+            "fixed_versions": "fixedVersions",
+            "fix_status": "fixStatus",
         }
 
         # Convert snake_case keys to camelCase

regscale/utils/version.py

@@ -2,13 +2,11 @@
 
 import logging
 import re
-from typing import Optional
 from functools import lru_cache
 
 from packaging.version import Version
 
 from regscale.core.app.utils.api_handler import APIHandler
-from regscale.utils.decorators import classproperty
 
 logger = logging.getLogger(__name__)
 
@@ -32,15 +30,15 @@ class RegscaleVersion:
         try:
             api_handler = APIHandler()
             response = api_handler.get("/assets/json/version.json")
-            if response.status_code == 200:
+            if response.ok and response.status_code == 200:
                 version_data = response.json()
                 return version_data.get("version", "Unknown")
             else:
                 logger.error(f"Failed to fetch version. Status code: {response.status_code}")
-                return "dev"
+                return "Unknown"
         except Exception as e:
             logger.error(f"Error fetching version: {e}", exc_info=True)
-            return "dev"
+            return "Unknown"
 
     @staticmethod
     def is_valid_version(version: str) -> bool:

{regscale_cli-6.16.1.0.dist-info → regscale_cli-6.16.3.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: regscale-cli
-Version: 6.16.1.0
+Version: 6.16.3.0
 Summary: Command Line Interface (CLI) for bulk processing/loading data into RegScale
 Home-page: https://github.com/RegScale/regscale-cli
 Author: Travis Howerton
@@ -579,7 +579,7 @@ See [full documentation on regscale.readme.io](https://regscale.readme.io/docs/o
 
 Create a virtual environment and install required Python libraries.
 
-### Shell
+### MacOS/Linux
 ```shell
 # create and activate python virtual environment
 python -m venv venv
@@ -597,7 +597,7 @@ pip install regscale-cli
 pip install "regscale-cli[server]"
 ```
 
-### PowerShell
+### Windows
 ```PowerShell
 # create and activate python virtual environment
 python -m venv venv