regscale-cli 6.17.0.0__py3-none-any.whl → 6.18.0.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of regscale-cli might be problematic. Click here for more details.
- regscale/__init__.py +1 -1
- regscale/core/app/api.py +5 -0
- regscale/core/login.py +3 -0
- regscale/integrations/commercial/burp.py +4 -0
- regscale/integrations/commercial/tenablev2/click.py +4 -0
- regscale/models/integration_models/cisa_kev_data.json +60 -4
- regscale/models/integration_models/synqly_models/capabilities.json +1 -1
- {regscale_cli-6.17.0.0.dist-info → regscale_cli-6.18.0.0.dist-info}/METADATA +1 -1
- {regscale_cli-6.17.0.0.dist-info → regscale_cli-6.18.0.0.dist-info}/RECORD +13 -13
- {regscale_cli-6.17.0.0.dist-info → regscale_cli-6.18.0.0.dist-info}/LICENSE +0 -0
- {regscale_cli-6.17.0.0.dist-info → regscale_cli-6.18.0.0.dist-info}/WHEEL +0 -0
- {regscale_cli-6.17.0.0.dist-info → regscale_cli-6.18.0.0.dist-info}/entry_points.txt +0 -0
- {regscale_cli-6.17.0.0.dist-info → regscale_cli-6.18.0.0.dist-info}/top_level.txt +0 -0
regscale/__init__.py
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
__version__ = "6.
|
|
1
|
+
__version__ = "6.18.0.0"
|
regscale/core/app/api.py
CHANGED
|
@@ -199,6 +199,11 @@ class Api:
|
|
|
199
199
|
self.session.auth = self.auth
|
|
200
200
|
headers = self._handle_headers(headers, merge_headers)
|
|
201
201
|
response = None
|
|
202
|
+
|
|
203
|
+
# Do not send Authorization headers if validatToken in endpoint
|
|
204
|
+
if "validateToken" in url:
|
|
205
|
+
headers.pop("Authorization", None)
|
|
206
|
+
|
|
202
207
|
try:
|
|
203
208
|
self.logger.debug("POST: %s", url)
|
|
204
209
|
if not json and data:
|
regscale/core/login.py
CHANGED
|
@@ -49,6 +49,9 @@ def get_regscale_token(
|
|
|
49
49
|
url = urljoin(domain, "/api/authentication/login")
|
|
50
50
|
response = api.post(url=url, json=auth, headers={})
|
|
51
51
|
error_msg = "Unable to authenticate with RegScale. Please check your credentials."
|
|
52
|
+
if response is None:
|
|
53
|
+
logger.error("No response received from api.post(). Possible connection issue or internal error.")
|
|
54
|
+
error_and_exit(error_msg + " (No response received from server)")
|
|
52
55
|
logger.info(response.url)
|
|
53
56
|
if response.status_code == 200:
|
|
54
57
|
response_dict = response.json()
|
|
@@ -9,6 +9,7 @@ from regscale.core.app.application import Application
|
|
|
9
9
|
from regscale.core.app.logz import create_logger
|
|
10
10
|
from regscale.models.integration_models.burp import Burp
|
|
11
11
|
from regscale.models.integration_models.flat_file_importer import FlatFileIntegration
|
|
12
|
+
from regscale.validation.record import validate_regscale_object
|
|
12
13
|
|
|
13
14
|
logger = create_logger(__name__)
|
|
14
15
|
|
|
@@ -55,6 +56,9 @@ def import_burp(
|
|
|
55
56
|
|
|
56
57
|
"""
|
|
57
58
|
app = Application()
|
|
59
|
+
if not validate_regscale_object(regscale_ssp_id, "securityplans"):
|
|
60
|
+
logger.warning("SSP #%i is not a valid RegScale Security Plan.", regscale_ssp_id)
|
|
61
|
+
return
|
|
58
62
|
if len(list(Path(folder_path).glob("*.xml"))) == 0:
|
|
59
63
|
logger.warning("No Burp files found in the specified folder.")
|
|
60
64
|
return
|
|
@@ -7,6 +7,7 @@ from concurrent.futures import wait
|
|
|
7
7
|
from typing import TYPE_CHECKING
|
|
8
8
|
|
|
9
9
|
from regscale.integrations.integration_override import IntegrationOverride
|
|
10
|
+
from regscale.validation.record import validate_regscale_object
|
|
10
11
|
|
|
11
12
|
# Delay import of Tenable libraries
|
|
12
13
|
if TYPE_CHECKING:
|
|
@@ -125,6 +126,9 @@ def import_nessus(folder_path: click.Path, regscale_ssp_id: click.INT, scan_date
|
|
|
125
126
|
"""Import Nessus scans, vulnerabilities and assets to RegScale."""
|
|
126
127
|
from regscale.integrations.commercial.nessus.scanner import NessusIntegration
|
|
127
128
|
|
|
129
|
+
if not validate_regscale_object(regscale_ssp_id, "securityplans"):
|
|
130
|
+
logger.warning("SSP #%i is not a valid RegScale Security Plan.", regscale_ssp_id)
|
|
131
|
+
return
|
|
128
132
|
NessusIntegration.sync_assets(plan_id=regscale_ssp_id, path=folder_path)
|
|
129
133
|
NessusIntegration.sync_findings(
|
|
130
134
|
plan_id=regscale_ssp_id, path=folder_path, enable_finding_date_update=True, scan_date=scan_date
|
|
@@ -1,9 +1,65 @@
|
|
|
1
1
|
{
|
|
2
2
|
"title": "CISA Catalog of Known Exploited Vulnerabilities",
|
|
3
|
-
"catalogVersion": "2025.04.
|
|
4
|
-
"dateReleased": "2025-04-
|
|
5
|
-
"count":
|
|
3
|
+
"catalogVersion": "2025.04.17",
|
|
4
|
+
"dateReleased": "2025-04-17T17:01:44.4538Z",
|
|
5
|
+
"count": 1323,
|
|
6
6
|
"vulnerabilities": [
|
|
7
|
+
{
|
|
8
|
+
"cveID": "CVE-2025-24054",
|
|
9
|
+
"vendorProject": "Microsoft",
|
|
10
|
+
"product": "Windows",
|
|
11
|
+
"vulnerabilityName": "Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability",
|
|
12
|
+
"dateAdded": "2025-04-17",
|
|
13
|
+
"shortDescription": "Microsoft Windows NTLM contains an external control of file name or path vulnerability that allows an unauthorized attacker to perform spoofing over a network.",
|
|
14
|
+
"requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
|
|
15
|
+
"dueDate": "2025-05-08",
|
|
16
|
+
"knownRansomwareCampaignUse": "Unknown",
|
|
17
|
+
"notes": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-24054 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-24054",
|
|
18
|
+
"cwes": [
|
|
19
|
+
"CWE-73"
|
|
20
|
+
]
|
|
21
|
+
},
|
|
22
|
+
{
|
|
23
|
+
"cveID": "CVE-2025-31201",
|
|
24
|
+
"vendorProject": "Apple",
|
|
25
|
+
"product": "Multiple Products",
|
|
26
|
+
"vulnerabilityName": "Apple Multiple Products Arbitrary Read and Write Vulnerability",
|
|
27
|
+
"dateAdded": "2025-04-17",
|
|
28
|
+
"shortDescription": "Apple iOS, iPadOS, macOS, and other Apple products contain an arbitrary read and write vulnerability that allows an attacker to bypass Pointer Authentication.",
|
|
29
|
+
"requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
|
|
30
|
+
"dueDate": "2025-05-08",
|
|
31
|
+
"knownRansomwareCampaignUse": "Unknown",
|
|
32
|
+
"notes": "https:\/\/support.apple.com\/en-us\/122282 ; https:\/\/support.apple.com\/en-us\/122400 ; https:\/\/support.apple.com\/en-us\/122401 ; https:\/\/support.apple.com\/en-us\/122402 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-31201",
|
|
33
|
+
"cwes": []
|
|
34
|
+
},
|
|
35
|
+
{
|
|
36
|
+
"cveID": "CVE-2025-31200",
|
|
37
|
+
"vendorProject": "Apple",
|
|
38
|
+
"product": "Multiple Products",
|
|
39
|
+
"vulnerabilityName": "Apple Multiple Products Memory Corruption Vulnerability",
|
|
40
|
+
"dateAdded": "2025-04-17",
|
|
41
|
+
"shortDescription": "Apple iOS, iPadOS, macOS, and other Apple products contain a memory corruption vulnerability that allows for code execution when processing an audio stream in a maliciously crafted media file.",
|
|
42
|
+
"requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
|
|
43
|
+
"dueDate": "2025-05-08",
|
|
44
|
+
"knownRansomwareCampaignUse": "Unknown",
|
|
45
|
+
"notes": "https:\/\/support.apple.com\/en-us\/122282 ; https:\/\/support.apple.com\/en-us\/122400 ; https:\/\/support.apple.com\/en-us\/122401 ; https:\/\/support.apple.com\/en-us\/122402 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-31200",
|
|
46
|
+
"cwes": []
|
|
47
|
+
},
|
|
48
|
+
{
|
|
49
|
+
"cveID": "CVE-2021-20035",
|
|
50
|
+
"vendorProject": "SonicWall",
|
|
51
|
+
"product": "SMA100 Appliances",
|
|
52
|
+
"vulnerabilityName": "SonicWall SMA100 Appliances OS Command Injection Vulnerability",
|
|
53
|
+
"dateAdded": "2025-04-16",
|
|
54
|
+
"shortDescription": "SonicWall SMA100 appliances contain an OS command injection vulnerability in the management interface that allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user, which could potentially lead to code execution.",
|
|
55
|
+
"requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
|
|
56
|
+
"dueDate": "2025-05-07",
|
|
57
|
+
"knownRansomwareCampaignUse": "Unknown",
|
|
58
|
+
"notes": "https:\/\/psirt.global.sonicwall.com\/vuln-detail\/SNWLID-2021-0022 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-20035",
|
|
59
|
+
"cwes": [
|
|
60
|
+
"CWE-78"
|
|
61
|
+
]
|
|
62
|
+
},
|
|
7
63
|
{
|
|
8
64
|
"cveID": "CVE-2024-53150",
|
|
9
65
|
"vendorProject": "Linux",
|
|
@@ -4562,7 +4618,7 @@
|
|
|
4562
4618
|
"requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
|
|
4563
4619
|
"dueDate": "2023-10-31",
|
|
4564
4620
|
"knownRansomwareCampaignUse": "Unknown",
|
|
4565
|
-
"notes": "This vulnerability affects a common open-source component, third-party library, or protocol used by different products. For more information, please see: CVE
|
|
4621
|
+
"notes": "This vulnerability affects a common open-source component, third-party library, or protocol used by different products. For more information, please see: HTTP\/2 Rapid Reset Vulnerability, CVE-2023-44487 | CISA: https:\/\/www.cisa.gov\/news-events\/alerts\/2023\/10\/10\/http2-rapid-reset-vulnerability-cve-2023-44487; https:\/\/blog.cloudflare.com\/technical-breakdown-http2-rapid-reset-ddos-attack\/; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-44487",
|
|
4566
4622
|
"cwes": [
|
|
4567
4623
|
"CWE-400"
|
|
4568
4624
|
]
|