regscale-cli 6.20.1.1__py3-none-any.whl → 6.20.3.0__py3-none-any.whl

regscale/models/integration_models/cisa_kev_data.json

@@ -1,9 +1,205 @@
 {
     "title": "CISA Catalog of Known Exploited Vulnerabilities",
-    "catalogVersion": "2025.05.29",
-    "dateReleased": "2025-05-29T11:25:31.4802Z",
-    "count": 1352,
+    "catalogVersion": "2025.06.13",
+    "dateReleased": "2025-06-13T16:08:40.4237Z",
+    "count": 1364,
     "vulnerabilities": [
+        {
+            "cveID": "CVE-2025-33053",
+            "vendorProject": "Web Distributed Authoring and Versioning",
+            "product": "Web Distributed Authoring and Versioning (WebDAV)",
+            "vulnerabilityName": "Web Distributed Authoring and Versioning (WebDAV) External Control of File Name or Path Vulnerability",
+            "dateAdded": "2025-06-10",
+            "shortDescription": "Web Distributed Authoring and Versioning (WebDAV) contains an external control of file name or path vulnerability. This vulnerability could allow an unauthorized attacker to execute code over a network. This vulnerability could affect various products that implement WebDAV, including but not limited to Microsoft Windows.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-07-01",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "This vulnerability affects a common open-source project, third-party library, or a protocol used by different products. For more information, please see: https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-33053 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-33053",
+            "cwes": [
+                "CWE-73"
+            ]
+        },
+        {
+            "cveID": "CVE-2025-24016",
+            "vendorProject": "Wazuh",
+            "product": "Wazuh Server",
+            "vulnerabilityName": "Wazuh Server Deserialization of Untrusted Data Vulnerability",
+            "dateAdded": "2025-06-10",
+            "shortDescription": "Wazuh contains a deserialization of untrusted data vulnerability that allows for remote code execution on Wazuh servers.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-07-01",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/github.com\/wazuh\/wazuh\/security\/advisories\/GHSA-hcrc-79hj-m3qh ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-24016",
+            "cwes": [
+                "CWE-502"
+            ]
+        },
+        {
+            "cveID": "CVE-2024-42009",
+            "vendorProject": "Roundcube",
+            "product": "Webmail",
+            "vulnerabilityName": "RoundCube Webmail Cross-Site Scripting Vulnerability",
+            "dateAdded": "2025-06-09",
+            "shortDescription": "RoundCube Webmail contains a cross-site scripting vulnerability. This vulnerability could allow a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desanitization issue in message_body() in program\/actions\/mail\/show.php.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-06-30",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/roundcube.net\/news\/2024\/08\/04\/security-updates-1.6.8-and-1.5.8 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-42009",
+            "cwes": [
+                "CWE-79"
+            ]
+        },
+        {
+            "cveID": "CVE-2025-32433",
+            "vendorProject": "Erlang",
+            "product": "Erlang\/OTP",
+            "vulnerabilityName": "Erlang Erlang\/OTP SSH Server Missing Authentication for Critical Function Vulnerability",
+            "dateAdded": "2025-06-09",
+            "shortDescription": "Erlang Erlang\/OTP SSH server contains a missing authentication for critical function vulnerability. This could allow an attacker to execute arbitrary commands without valid credentials, potentially leading to unauthenticated remote code execution (RCE). By exploiting a flaw in how SSH protocol messages are handled, a malicious actor could gain unauthorized access to affected systems. This vulnerability could affect various products that implement Erlang\/OTP SSH server, including\u2014but not limited to\u2014Cisco, NetApp, and SUSE.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-06-30",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "This vulnerability affects a common open-source project, third-party library, or a protocol used by different products. For more information, please see: https:\/\/github.com\/erlang\/otp\/security\/advisories\/GHSA-37cp-fgq5-7wc2 ; https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-erlang-otp-ssh-xyZZy ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-32433",
+            "cwes": [
+                "CWE-306"
+            ]
+        },
+        {
+            "cveID": "CVE-2025-5419",
+            "vendorProject": "Google",
+            "product": "Chromium V8",
+            "vulnerabilityName": "Google Chromium V8 Out-of-Bounds Read and Write Vulnerability",
+            "dateAdded": "2025-06-05",
+            "shortDescription": "Google Chromium V8 contains an out-of-bounds read and write vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-06-26",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/chromereleases.googleblog.com\/2025\/06\/stable-channel-update-for-desktop.html;   https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-5419\",",
+            "cwes": [
+                "CWE-125",
+                "CWE-787"
+            ]
+        },
+        {
+            "cveID": "CVE-2025-21479",
+            "vendorProject": "Qualcomm",
+            "product": "Multiple Chipsets",
+            "vulnerabilityName": "Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability",
+            "dateAdded": "2025-06-03",
+            "shortDescription": "Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-06-24",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "Please check with specific vendors (OEMs,) for information on patching status. For more information, please see: https:\/\/docs.qualcomm.com\/product\/publicresources\/securitybulletin\/june-2025-bulletin.html ;   https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-21479",
+            "cwes": [
+                "CWE-863"
+            ]
+        },
+        {
+            "cveID": "CVE-2025-21480",
+            "vendorProject": "Qualcomm",
+            "product": "Multiple Chipsets",
+            "vulnerabilityName": "Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability",
+            "dateAdded": "2025-06-03",
+            "shortDescription": "Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-06-24",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "Please check with specific vendors (OEMs,) for information on patching status. For more information, please see: https:\/\/docs.qualcomm.com\/product\/publicresources\/securitybulletin\/june-2025-bulletin.html ;   https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-21480",
+            "cwes": [
+                "CWE-863"
+            ]
+        },
+        {
+            "cveID": "CVE-2025-27038",
+            "vendorProject": "Qualcomm",
+            "product": "Multiple Chipsets",
+            "vulnerabilityName": "Qualcomm Multiple Chipsets Use-After-Free Vulnerability",
+            "dateAdded": "2025-06-03",
+            "shortDescription": "Multiple Qualcomm chipsets contain a use-after-free vulnerability. This vulnerability allows for memory corruption while rendering graphics using Adreno GPU drivers in Chrome.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-06-24",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "Please check with specific vendors (OEMs,) for information on patching status. For more information, please see: https:\/\/docs.qualcomm.com\/product\/publicresources\/securitybulletin\/june-2025-bulletin.html ;   https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-27038",
+            "cwes": [
+                "CWE-416"
+            ]
+        },
+        {
+            "cveID": "CVE-2021-32030",
+            "vendorProject": "ASUS",
+            "product": "Routers",
+            "vulnerabilityName": "ASUS Routers Improper Authentication Vulnerability",
+            "dateAdded": "2025-06-02",
+            "shortDescription": "ASUS Lyra Mini and ASUS GT-AC2900 devices contain an improper authentication vulnerability that allows an attacker to gain unauthorized access to the administrative interface. The impacted products could be end-of-life (EoL) and\/or end-of-service (EoS). Users should discontinue product utilization.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-06-23",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/www.asus.com\/us\/supportonly\/lyra%20mini\/helpdesk_bios\/ ; https:\/\/www.asus.com\/us\/supportonly\/rog%20rapture%20gt-ac2900\/helpdesk_bios\/; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-32030",
+            "cwes": [
+                "CWE-287"
+            ]
+        },
+        {
+            "cveID": "CVE-2025-3935",
+            "vendorProject": "ConnectWise",
+            "product": "ScreenConnect",
+            "vulnerabilityName": "ConnectWise ScreenConnect Improper Authentication Vulnerability",
+            "dateAdded": "2025-06-02",
+            "shortDescription": "ConnectWise ScreenConnect contains an improper authentication vulnerability. This vulnerability could allow a ViewState code injection attack, which could allow remote code execution if machine keys are compromised.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-06-23",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/www.connectwise.com\/company\/trust\/security-bulletins\/screenconnect-security-patch-2025.4 ;   https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-3935",
+            "cwes": [
+                "CWE-287"
+            ]
+        },
+        {
+            "cveID": "CVE-2025-35939",
+            "vendorProject": "Craft CMS",
+            "product": "Craft CMS",
+            "vulnerabilityName": "Craft CMS External Control of Assumed-Immutable Web Parameter Vulnerability",
+            "dateAdded": "2025-06-02",
+            "shortDescription": "Craft CMS contains an external control of assumed-immutable web parameter vulnerability. This vulnerability could allow an unauthenticated client to introduce arbitrary values, such as PHP code, to a known local file location on the server. This vulnerability could be chained with CVE-2024-58136 as represented by CVE-2025-32432.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-06-23",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/github.com\/craftcms\/cms\/pull\/17220 ;   https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-35939",
+            "cwes": [
+                "CWE-472"
+            ]
+        },
+        {
+            "cveID": "CVE-2024-56145",
+            "vendorProject": "Craft CMS",
+            "product": "Craft CMS",
+            "vulnerabilityName": "Craft CMS Code Injection Vulnerability",
+            "dateAdded": "2025-06-02",
+            "shortDescription": "Craft CMS contains a code injection vulnerability. Users with affected versions are vulnerable to remote code execution if their php.ini configuration has `register_argc_argv` enabled.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-06-23",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/github.com\/craftcms\/cms\/security\/advisories\/GHSA-2p6p-9rc9-62j9 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-56145",
+            "cwes": [
+                "CWE-94"
+            ]
+        },
+        {
+            "cveID": "CVE-2023-39780",
+            "vendorProject": "ASUS",
+            "product": "RT-AX55 Routers",
+            "vulnerabilityName": "ASUS RT-AX55 Routers OS Command Injection Vulnerability",
+            "dateAdded": "2025-06-02",
+            "shortDescription": "ASUS RT-AX55 devices contain an OS command injection vulnerability that could allow a remote, authenticated attacker to execute arbitrary commands. As represented by CVE-2023-41346.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-06-23",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/www.asus.com\/networking-iot-servers\/wifi-6\/all-series\/rt-ax55\/helpdesk_bios\/?model2Name=RT-AX55 ;   https:\/\/www.asus.com\/content\/asus-product-security-advisory\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-39780",
+            "cwes": [
+                "CWE-78"
+            ]
+        },
         {
             "cveID": "CVE-2025-4632",
             "vendorProject": "Samsung",
@@ -85,7 +281,7 @@
             "product": "Endpoint Manager Mobile (EPMM)",
             "vulnerabilityName": "Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability",
             "dateAdded": "2025-05-19",
-            "shortDescription": "Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability in the API component that allows an authenticated attacker to remotely execute arbitrary code via crafted API requests. This vulnerability results from an insecure implementation of the Hibernate Validator open-source library.",
+            "shortDescription": "Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability in the API component that allows an authenticated attacker to remotely execute arbitrary code via crafted API requests. This vulnerability results from an insecure implementation of the Hibernate Validator open-source library, as represented by CVE-2025-35036.",
             "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
             "dueDate": "2025-06-09",
             "knownRansomwareCampaignUse": "Unknown",
@@ -139,21 +335,6 @@
                 "CWE-78"
             ]
         },
-        {
-            "cveID": "CVE-2025-4664",
-            "vendorProject": "Google",
-            "product": "Chromium",
-            "vulnerabilityName": "Google Chromium Loader Insufficient Policy Enforcement Vulnerability",
-            "dateAdded": "2025-05-15",
-            "shortDescription": "Google Chromium contains an insufficient policy enforcement vulnerability that allows a remote attacker to leak cross-origin data via a crafted HTML page.",
-            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
-            "dueDate": "2025-06-05",
-            "knownRansomwareCampaignUse": "Unknown",
-            "notes": "https:\/\/chromereleases.googleblog.com\/2025\/05\/stable-channel-update-for-desktop_14.html ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-4664",
-            "cwes": [
-                "CWE-346"
-            ]
-        },
         {
             "cveID": "CVE-2025-32756",
             "vendorProject": "Fortinet",
@@ -1223,7 +1404,7 @@
             "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
             "dueDate": "2025-03-06",
             "knownRansomwareCampaignUse": "Known",
-            "notes": "https:\/\/simple-help.com\/kb---security-vulnerabilities-01-2025 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-57727",
+            "notes": "https:\/\/simple-help.com\/kb---security-vulnerabilities-01-2025 ; Additional CISA Mitigation Instructions: https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa25-163a ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-57727",
             "cwes": [
                 "CWE-22"
             ]
@@ -3608,7 +3789,7 @@
             "shortDescription": "NextGen Healthcare Mirth Connect contains a deserialization of untrusted data vulnerability that allows for unauthenticated remote code execution via a specially crafted request.",
             "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
             "dueDate": "2024-06-10",
-            "knownRansomwareCampaignUse": "Unknown",
+            "knownRansomwareCampaignUse": "Known",
             "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status.   For more information, please see: https:\/\/github.com\/nextgenhealthcare\/connect\/wiki\/4.4.1---What%27s-New ;  https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-43208",
             "cwes": [
                 "CWE-502"
@@ -3907,7 +4088,7 @@
             "shortDescription": "Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions (nobody).",
             "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
             "dueDate": "2024-04-15",
-            "knownRansomwareCampaignUse": "Unknown",
+            "knownRansomwareCampaignUse": "Known",
             "notes": "https:\/\/forums.ivanti.com\/s\/article\/SA-2021-12-02?language=en_US; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-44529",
             "cwes": [
                 "CWE-94"
@@ -4132,7 +4313,7 @@
             "shortDescription": "Fortinet FortiOS contains an out-of-bound write vulnerability that allows a remote unauthenticated attacker to execute code or commands via specially crafted HTTP requests.",
             "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
             "dueDate": "2024-02-16",
-            "knownRansomwareCampaignUse": "Unknown",
+            "knownRansomwareCampaignUse": "Known",
             "notes": "https:\/\/fortiguard.fortinet.com\/psirt\/FG-IR-24-015 ;   https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-21762",
             "cwes": [
                 "CWE-787"

regscale/models/integration_models/flat_file_importer/__init__.py

@@ -288,6 +288,7 @@ class FlatFileImporter(ABC):
                 plugin_name=plugin_name,
                 date_created=vuln.firstSeen,
                 date_last_updated=vuln.lastSeen,
+                due_date="",  # Override the default factory, we want ScannerIntegration to handle this
             )
         except (KeyError, TypeError, ValueError) as e:
             self.attributes.logger.error("Error parsing Wiz finding: %s", str(e), exc_info=True)
@@ -391,7 +392,8 @@ class FlatFileImporter(ABC):
             for _ in range(start_line_number):
                 next(file)
             if file.name.endswith(".csv"):
-                data, header = self.convert_csv_to_dict(file)
+                data = self.validater.data.to_dict("records")
+                header = list(self.validater.parsed_headers)
             elif file.name.endswith(".xlsx"):
                 data, header = self.convert_xlsx_to_dict(file, start_line_number)
             elif file.name.endswith(".json"):
@@ -432,33 +434,6 @@ class FlatFileImporter(ABC):
                 ", ".join(extra_headers),
             )
 
-    def convert_csv_to_dict(self, file: TextIO) -> tuple:
-        """
-        Converts a csv file to a list of dictionaries
-
-        :param TextIO file: The csv file to convert
-        :return: Tuple of header and data from csv file
-        :rtype: tuple
-        """
-        logger.debug("flatfileimporter: Converting csv to dict")
-        # if file is empty, error and exit
-        if not file.read(1):
-            error_and_exit("File is empty")
-        # Rewind file and skip lines until the start line is reached
-        file.seek(0)
-        for _ in range(getattr(self.attributes, "header_line_number", 0) or 0):
-            next(file)
-        reader = csv.DictReader(file)
-
-        header = [head for head in list(reader.fieldnames) if head]
-
-        if self.extra_headers_allowed:
-            self.handle_extra_headers(header=header)
-
-        data = list(reader)
-        logger.debug("flatfileimporter: Done converting csv to dict.")
-        return data, header
-
     def convert_xlsx_to_dict(self, file: TextIO, start_line_number: int = 0) -> tuple:
         """
         Converts a xlsx file to a list of dictionaries
@@ -561,145 +536,6 @@ class FlatFileImporter(ABC):
                 if asset not in self.data["assets"]:
                     self.data["assets"].append(asset)
 
-    @staticmethod
-    def check_status_codes(response_list: list) -> None:
-        """
-        Check if any of the responses are not 200
-
-        :param list response_list: List of responses
-        :raises AssertionError: If any of the responses are not 200
-        :rtype: None
-        """
-        for response in response_list:
-            if isinstance(response, requests.Response) and response.status_code != 200:
-                raise AssertionError(
-                    f"Unable to {response.request.method} asset to RegScale.\n"
-                    f"Code: {response.status_code}\nReason: {response.reason}"
-                    f"\nPayload: {response.text}"
-                )
-
-    def update_due_dt(self, iss: Issue, kev_due_date: Optional[str], scanner: str, severity: str) -> Issue:
-        """
-        Find the due date for the issue
-
-        :param Issue iss: RegScale Issue object
-        :param Optional[str] kev_due_date: The KEV due date
-        :param str scanner: The scanner
-        :param str severity: The severity of the issue
-        :return: RegScale Issue object
-        :rtype: Issue
-        """
-        fmt = "%Y-%m-%d %H:%M:%S"
-        days = 30
-        if severity == "medium":
-            severity = "moderate"
-        if severity == "important":
-            severity = "high"
-        if severity not in ["low", "moderate", "high", "critical"]:
-            # An odd severity should be treated as low.
-            severity = "low"
-        try:
-            days = self.attributes.app.config["issues"][scanner][severity]
-        except KeyError:
-            self.attributes.logger.error(
-                "Unable to find severity '%s'\n defaulting to %i days\nPlease add %s to the init.yaml configuration",
-                severity,
-                days,
-                severity,
-            )
-        if kev_due_date and (datetime.strptime(kev_due_date, fmt) > datetime.now()):
-            iss.dueDate = kev_due_date
-        else:
-            iss.dueDate = datetime.strftime(
-                datetime.now() + timedelta(days=days),
-                fmt,
-            )
-        return iss
-
-    def _check_issue(self, issue: Issue) -> None:
-        """
-        Check if the issue is in the data
-
-        :param Issue issue: The issue to check to prevent duplicates
-        :rtype: None
-        """
-        if issue and issue not in self.data["issues"]:
-            self.data["issues"].append(issue)
-
-    def _check_issues(self, issues: List[Issue]) -> None:
-        """
-        Check if the issues are in the data
-
-        :param List[Issue] issues: The issues to check to prevent duplicates
-        """
-        for issue in issues:
-            self._check_issue(issue)
-
-    def check_and_close_issues(self, existing_issues: list[Issue]) -> None:
-        """
-        Function to close issues that are no longer being reported in the export file
-
-        :param list[Issue] existing_issues: List of existing issues in RegScale
-        :rtype: None
-        """
-        existing_cves = self.group_issues_by_cve_id(existing_issues)
-        parsed_cves = {issue.cve for issue in self.data["issues"] if issue.cve}
-        closed_issues = []
-        with create_progress_object() as close_issue_progress:
-            closing_issues = close_issue_progress.add_task(
-                "Comparing parsed issue(s) and existing issue(s)...",
-                total=len(existing_cves),
-            )
-            for cve, issues in existing_cves.items():
-                if cve not in parsed_cves:
-                    for issue in issues:
-                        if issue.status == "Closed":
-                            continue
-                        self.attributes.logger.debug("Closing issue #%s", issue.id)
-                        issue.status = "Closed"
-                        issue.dateCompleted = self.scan_date.strftime("%Y-%m-%d %H:%M:%S")
-                        if issue.save():
-                            self.attributes.logger.debug("Issue #%s closed", issue.id)
-                            closed_issues.append(issue)
-                close_issue_progress.advance(closing_issues, advance=1)
-        self.log_and_save_closed_issues(closed_issues)
-
-    @staticmethod
-    def group_issues_by_cve_id(existing_issues: list[Issue]) -> dict[str, list[Issue]]:
-        """
-        Function to group existing issues from RegScale by cve and returns a dictionary of cveId and issues
-
-        :param list[Issue] existing_issues: List of existing issues in RegScale
-        :returns: A dictionary of cveId and list of issues with the same cveId
-        :rtype: dict[str, list[Issue]]
-        """
-        from collections import defaultdict
-
-        # create a dict with an empty list for each cve, so we can close issues that have duplicate CVEs
-        existing_cves = defaultdict(list)
-        # group issues by cve
-        for issue in existing_issues:
-            if issue.cve:
-                existing_cves[issue.cve].append(issue)
-        return existing_cves
-
-    def log_and_save_closed_issues(self, closed_issues: list[Issue]) -> None:
-        """
-        Log and save the closed issues if any
-
-        :param list[Issue] closed_issues: List of closed issues to log and save
-        :rtype: None
-        """
-        if len(closed_issues) > 0:
-            self.attributes.logger.info("Closed %i issue(s) in RegScale.", len(closed_issues))
-            ReportGenerator(
-                objects=closed_issues,
-                to_file=True,
-                report_name=f"{self.attributes.name}_closed_issues",
-                regscale_id=self.attributes.parent_id,
-                regscale_module=self.attributes.parent_module,
-            )
-
     def _check_vuln(self, vuln_to_check: Union[Vulnerability, "IntegrationFinding"]) -> None:
         """
         Check if the vuln is in the data
@@ -883,13 +719,16 @@ class FlatFileImporter(ABC):
                 continue
 
     @classmethod
-    def common_scanner_options(cls, message: str, prompt: str, import_name: str) -> Callable[[Callable], click.option]:
+    def common_scanner_options(
+        cls, message: str, prompt: str, import_name: str, support_component: bool = False
+    ) -> Callable[[Callable], click.option]:
         """
         Common options for container scanner integrations
 
         :param str message: The message to display to the user
         :param str prompt: The prompt to display to the user
         :param str import_name: The name of the import function
+        :param bool support_component: Whether to support importing data to a component
         :return: The decorated function
         :rtype: Callable[[Callable], click.option]
         """
@@ -936,14 +775,35 @@ class FlatFileImporter(ABC):
                 cls=NotRequiredIf,
                 not_required_if=["s3_bucket", "s3_prefix"],
             )(this_func)
-            this_func = click.option(
-                "--regscale_ssp_id",
-                "-id",
-                type=click.INT,
-                help="The ID number from RegScale of the System Security Plan.",
-                prompt="Enter RegScale System Security Plan ID",
-                required=True,
-            )(this_func)
+            if support_component:
+                # This will be the normal behavior for the imports in the future, but for now we will support it for Trivy, Grype, and OpenText
+                this_func = click.option(
+                    "-id",
+                    "-p",
+                    "--regscale_ssp_id",
+                    "--plan_id",
+                    type=click.INT,
+                    help="The ID number from RegScale of the System Security Plan.",
+                    cls=NotRequiredIf,
+                    not_required_if=["component_id"],
+                )(this_func)
+                this_func = click.option(
+                    "-c",
+                    "--component_id",
+                    type=click.INT,
+                    help="The ID number from RegScale of the Component.",
+                    cls=NotRequiredIf,
+                    not_required_if=["regscale_ssp_id"],
+                )(this_func)
+            else:
+                this_func = click.option(
+                    "--regscale_ssp_id",
+                    "-id",
+                    type=click.INT,
+                    help="The ID number from RegScale of the System Security Plan.",
+                    prompt="Enter RegScale System Security Plan ID",
+                    required=True,
+                )(this_func)
             this_func = click.option(
                 "--scan_date",
                 "-sd",

regscale/models/integration_models/jira_task_sync.py

@@ -0,0 +1,27 @@
+"""
+This module contains the TaskSync class, which is used to sync tasks between RegScale and Jira.
+"""
+
+from typing import Literal
+
+from regscale.models import Task
+
+
+class TaskSync:
+    """
+    This class is used to sync tasks between RegScale and Jira.
+    """
+
+    tasks: list[Task] = []
+    operation: Literal["create", "update", "close"] = ""
+    progress_message: str = ""
+
+    def __init__(self, tasks: list[Task], operation: Literal["create", "update", "close"]):
+        self.tasks = tasks
+        self.operation = operation
+        if operation == "create":
+            self.progress_message = f"[#f8b737]Creating {len(tasks)} task(s) in RegScale..."
+        elif operation == "update":
+            self.progress_message = f"[#f8b737]Updating {len(tasks)} task(s) in RegScale..."
+        elif operation == "close":
+            self.progress_message = f"[#f8b737]Closing {len(tasks)} task(s) in RegScale..."

regscale/models/integration_models/qualys.py

@@ -8,7 +8,7 @@ import logging
 # pylint: disable=C0415
 import re
 from datetime import datetime
-from typing import Any, Iterator, Optional, TypeVar, TextIO
+from typing import Any, Iterator, Optional, TypeVar, TextIO, Union
 
 from openpyxl.reader.excel import load_workbook
 
@@ -63,14 +63,12 @@ class Qualys(FlatFileImporter):
         self.required_headers = [
             SEVERITY,
             self.vuln_title,
-            EXPLOITABILITY,
             CVE_ID,
             SOLUTION,
             DNS,
             IP,
             QG_HOST_ID,
             OS,
-            NETBIOS,
             FQDN,
         ]
         logger = create_logger()
@@ -110,7 +108,7 @@ class Qualys(FlatFileImporter):
                 "isPublic": True,
                 "status": "Active (On Network)",
                 "assetCategory": "Hardware",
-                "qualysId": self.mapping.get_value(dat, QG_HOST_ID),  # UUID from Nessus HostProperties tag
+                "qualysId": str(self.mapping.get_value(dat, QG_HOST_ID)),  # UUID from Nessus HostProperties tag
                 "bLatestScan": True,
                 "bAuthenticatedScan": True,
                 "scanningTool": "Qualys",
@@ -177,7 +175,7 @@ class Qualys(FlatFileImporter):
         return regscale_vuln
 
     @staticmethod
-    def extract_float(s: str) -> Any:
+    def extract_float(s: Union[str, float, int]) -> Optional[float]:
         """
         Extract a float from a string
 
@@ -185,8 +183,9 @@ class Qualys(FlatFileImporter):
         :return: Float extracted from string or None
         :rtype: Any
         """
-        matches = re.findall(r"[-+]?[0-9]*\.?[0-9]+", s)
-        if matches:
+        if isinstance(s, (float, int)):
+            return float(s)
+        if matches := re.findall(r"[-+]?[0-9]*\.?[0-9]+", s):
             return float(matches[0])
         else:
             return None