Qualys (Web App Scanner)

title

<WAS_SCAN_REPORT><GLOSSARY><QID_LIST><QID><TITLE>

severity

<WAS_SCAN_REPORT><GLOSSARY><QID_LIST><QID><SEVERITY>

We are passed a number, which gets evaluated as following: "0": "Informational", "1": "Informational", "2": "Low", "3": "Medium", "4": "High", "5": "Critical",

references

Any data surrounded by <![CDATA[some stuff]]> tag is removed before storing the data. All the data from the tags are stored into a list that is saved as reference links.

recommendations

<WAS_SCAN_REPORT><GLOSSARY><QID_LIST><QID><SOLUTION>

description

Any data surrounded by <![CDATA[some stuff]]> tag is removed before storing the data. Data is combined.

evidence

risk_score

tags

<WAS_SCAN_REPORT><GLOSSARY><QID_LIST><QID><SEVERITY>

If severity is 1, then we give it a tag of "minimal".

common_identifiers

field: ["scores"]["cvss"]

label

Hardcoded "CVSS Base Score"

value

<WAS_SCAN_REPORT><GLOSSARY><QID_LIST><QID><CVSS_SCORE><CVSS_BASE>

field: ["cvss_temporal"]

label

Hardcoded "CVSS Temporal Score"

value

<WAS_SCAN_REPORT><GLOSSARY><QID_LIST><QID><CVSS_SCORE><CVSS_TEMPORAL>

field: ["scores"]["cvss3"]

label

Hardcoded "CVSSv3 Base Score"

value

<WAS_SCAN_REPORT><GLOSSARY><QID_LIST><QID><CVSS3_SCORE><CVSS3_BASE>

field: ["cvss3_temporal"]

label

Hardcoded "CVSSv3 Temporal Score"

value

<WAS_SCAN_REPORT><GLOSSARY><QID_LIST><QID><CVSS3_SCORE><CVSS3_TEMPORAL>

field: ["scores"]["pci_flag"]

label

Hardcoded "PCI_FLAG"

value

<WAS_SCAN_REPORT><GLOSSARY><QID_LIST><QID><PCI_FLAG>

field: ["cwe"]

label

Hardcoded "CWE"

value

<GLOSSARY><QID_LIST><QID><CWE>

field: ["wasc"]

label

Hardcoded "WASC"

value

<GLOSSARY><QID_LIST><QID><WASC>

field: ["category"]

label

Hardcoded "Category"

value

<GLOSSARY><QID_LIST><QID><CATEGORY>

field: ["owasp"]

label

Hardcoded "OWASP"

value

<GLOSSARY><QID_LIST><QID><OWASP>

asset

<WAS_SCAN_REPORT><RESULTS><VULNERABILITY_LIST><VULNERABILITY><URL>

There is some logic here for parent/child relationship.