update

manuel-sommer · manuel-sommer · commit 38193790ad6f · 2025-06-06T20:57:16.000+02:00
diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py
@@ -1345,7 +1345,7 @@ def saml2_attrib_map_format(din):
     "Red Hat Satellite": ["description", "severity"],
     "Qualys Hacker Guardian Scan": ["title", "severity", "description"],
     "Cyberwatch scan (Galeax)": ["title", "description", "severity"],
-    "Cycognito Scan": ["description"],
+    "Cycognito Scan": ["title", "severity"],
 }
 
 # Override the hardcoded settings here via the env var
diff --git a/dojo/tools/cycognito/parser.py b/dojo/tools/cycognito/parser.py
@@ -20,6 +20,7 @@ def get_findings(self, file, test):
         for vulnerability in data:
             description = ""
             mitigation = ""
+            impact = ""
             confidence = vulnerability.get("confidence", None)
             affected_asset = vulnerability.get("affected_asset", None)
             package = vulnerability.get("package", None)
@@ -82,7 +83,7 @@ def get_findings(self, file, test):
                 description += "**tech_owners:** " + str(tech_owners) + "\n"
             if teams and teams is not None:
                 description += "**teams:** " + str(teams) + "\n"
-            if potential_threat and potential_impact is not None:
+            if potential_threat and potential_threat is not None:
                 description += "**potential_threat:** " + str(potential_threat) + "\n"
             if attacker_interest is not None and not "None":
                 description += "**attacker_interest:** " + str(attacker_interest) + "\n"
@@ -147,7 +148,7 @@ def get_findings(self, file, test):
             if remediation_steps is not None:
                 mitigation += "**remediation_steps:** " + str("\n ".join(remediation_steps)) + "\n"
             if potential_impact and potential_impact is not None:
-                description += "**potential_impact:** " + str(", ".join(potential_impact)) + "\n"
+                impact = "**potential_impact:** " + str(", ".join(potential_impact)) + "\n"
             finding = Finding(
                 title=title,
                 test=test,
@@ -157,6 +158,7 @@ def get_findings(self, file, test):
                 date=datetime.strptime(first_detected, "%Y-%m-%dT%H:%M:%S.%fZ").strftime("%Y-%m-%d"),
                 dynamic_finding=True,
                 mitigation=mitigation,
+                impact=impact,
             )
             if cve_ids and cve_ids is not None:
                 finding.unsaved_vulnerability_ids = []

Original file line number	Diff line number	Diff line change
`@@ -1345,7 +1345,7 @@ def saml2_attrib_map_format(din):`
`1345`	`1345`	`"Red Hat Satellite": ["description", "severity"],`
`1346`	`1346`	`"Qualys Hacker Guardian Scan": ["title", "severity", "description"],`
`1347`	`1347`	`"Cyberwatch scan (Galeax)": ["title", "description", "severity"],`
`1348`		`- "Cycognito Scan": ["description"],`
	`1348`	`+ "Cycognito Scan": ["title", "severity"],`
`1349`	`1349`	`}`
`1350`	`1350`
`1351`	`1351`	`# Override the hardcoded settings here via the env var`