From 53d3d8d452d36aa82f338151077cc89686a62853 Mon Sep 17 00:00:00 2001
From: Felix Hernandez <ffhg_920522@hotmail.com>
Date: Fri, 22 Sep 2023 10:37:03 -0600
Subject: [PATCH] Update Qualys CSV parser to include CVSSv3.1 data headers
 (#8702)

Co-authored-by: Felix Hernandez <felixfhdez15@gmail.com>
---
 dojo/tools/qualys/csv_parser.py | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/dojo/tools/qualys/csv_parser.py b/dojo/tools/qualys/csv_parser.py
index e210c7aea9..15f84117d2 100644
--- a/dojo/tools/qualys/csv_parser.py
+++ b/dojo/tools/qualys/csv_parser.py
@@ -3,6 +3,7 @@
 import logging
 import re
 from datetime import datetime
+from dateutil import parser
 
 from dojo.models import Endpoint, Finding
 
@@ -114,19 +115,26 @@ def build_findings_from_dict(report_findings: [dict]) -> [Finding]:
         else:
             endpoint = Endpoint(host=report_finding["IP"])
 
+        if "CVSS3 Base" in report_finding:
+            cvssv3 = _extract_cvss_vectors(
+                        report_finding["CVSS3 Base"], report_finding["CVSS3 Temporal"]
+                    )
+        elif "CVSS3.1 Base" in report_finding:
+            cvssv3 = _extract_cvss_vectors(
+                        report_finding["CVSS3.1 Base"], report_finding["CVSS3.1 Temporal"]
+                    )
+
         finding = Finding(
             title=f"QID-{report_finding['QID']} | {report_finding['Title']}",
             mitigation=report_finding["Solution"],
             description=f"{report_finding['Threat']}\nResult Evidence: \n{report_finding.get('Threat', 'Not available')}",
             severity=severity_lookup.get(report_finding["Severity"], "Info"),
             impact=report_finding["Impact"],
-            date=datetime.strptime(
-                report_finding["Last Detected"], "%m/%d/%Y %H:%M:%S"
-            ).date(),
-            vuln_id_from_tool=report_finding["QID"],
-            cvssv3=_extract_cvss_vectors(
-                report_finding["CVSS3 Base"], report_finding["CVSS3 Temporal"]
+            date=parser.parse(
+                report_finding["Last Detected"].replace("Z", "")
             ),
+            vuln_id_from_tool=report_finding["QID"],
+            cvssv3=cvssv3
         )
 
         cve_data = report_finding.get("CVE ID")