From d5515969d6fc0ceb6b85e406adea6fbf3ac3401a Mon Sep 17 00:00:00 2001 From: Manuel Sommer Date: Wed, 14 Feb 2024 21:41:46 +0100 Subject: [PATCH] :bug: fix nessus severity --- dojo/tools/tenable/xml_format.py | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/dojo/tools/tenable/xml_format.py b/dojo/tools/tenable/xml_format.py index aa8b17c9b19..f323bcc4f43 100644 --- a/dojo/tools/tenable/xml_format.py +++ b/dojo/tools/tenable/xml_format.py @@ -27,6 +27,21 @@ def get_text_severity(self, severity_id): severity = "Info" return severity + def get_cvss_severity(self, cvss_score): + """Convert data of the report into severity""" + severity = "Info" + if float(cvss_score) >= 9.0: + severity = "Critical" + elif float(cvss_score) >= 7.0: + severity = "High" + elif float(cvss_score) >= 5.0: + severity = "Medium" + elif float(cvss_score) > 0.0: + severity = "Low" + else: + severity = "Info" + return severity + def safely_get_element_text(self, element): if element is None: return None @@ -203,6 +218,11 @@ def get_findings(self, filename: str, test: Test) -> list: if cvssv3_score_element_text is not None: cvssv3_score = cvssv3_score_element_text + cvss = self.safely_get_element_text(item.find("cvss3_base_score")) + if cvss != None: + print(cvss) + severity = self.get_cvss_severity(cvss) + # Determine the current entry has already been parsed in # this report dupe_key = severity + title