[PLGN-498] InsightVM Change Top Remediations id (#2194)

* Updated armorblox plugin with the review comments. (#1721) * Initial commit for armorblox plugin * Fix validate errors * Timestamp changes * Updated armorblox-sdk 0.1.4 version in requirements.txt * Updated the suggestions for plugin.spec.yaml * Update plugins/armorblox/help.md * Update plugins/armorblox/help.md * Update plugins/armorblox/help.md * Update plugins/armorblox/help.md * Update plugins/armorblox/help.md * Update plugins/armorblox/help.md * Update plugins/armorblox/help.md * Updated review comments * Update plugins/armorblox/icon_armorblox/triggers/get_incidents/schema.py * Update plugins/armorblox/unit_test/payloads/get_remediation_action.json * Update plugins/armorblox/unit_test/payloads/get_remediation_action.json * Updated armorblox plugin with the required fixes * Updated plugin with latest fixes * Updated plugin with parameterized on test cases * "Fixed review comments" * Updated support field to community in plugin.spec.yaml --------- Co-authored-by: Ankita Sharma <[email protected]> Co-authored-by: Rajat Upadhyaya <[email protected]> * run black linter, fix unit tests and validators (#1857) * plgn-618 insight idr update schema (#2164) * Salesforce - Task Monitor Users: Improved logging (#2170) * [PLGN-621] Add OAuth to ServiceNow Plugin (#2157) * Update plugin spec * Add oauth authentication * get client id instead of key * Bump version * Revert help.md * Add type annotation for BearerAuth * Blacken * Revert Dockerfile * Fix test * Add timeout * black * Fix unit tests * Blacken unit tests * Update request_helper.py * Updated help.md | Added typehints in unittests --------- Co-authored-by: igorski-r7 <[email protected]> * [PLGN-408] Insight IDR - Adding new actions for Get Alert Information, Search Alerts, Retrieve Evidence for a Single Alert and Retrieve Actors for a Single Alert (#2175) * PLGN-408-Adding new actions for Get Alert Information, Search Alerts, Retrieve Evidence for a Single Alert and Retrieve Actors for a Single Alert * PLGN-408-Adding new actions for Get Alert Information, Search Alerts, Retrieve Evidence for a Single Alert and Retrieve Actors for a Single Alert * PLGN-408-Adding new actions for Get Alert Information, Search Alerts, Retrieve Evidence for a Single Alert and Retrieve Actors for a Single Alert * PLGN-408-Re-adding back in size and index to action, dropping version to make a multiple plugin release, adding in type hints * PLGN-408-Running black format * PLGN-408-Updating data to be of type object * PLGN-408-Updating to use f string * PLGN-408-Removing debug print * PLGN-408-Updating error var name * [PLGN-498]- Change Top Remediations id --------- Co-authored-by: SamhithaTatipalli <[email protected]> Co-authored-by: Ankita Sharma <[email protected]> Co-authored-by: Rajat Upadhyaya <[email protected]> Co-authored-by: llaszuk-r7 <[email protected]> Co-authored-by: igorski-r7 <[email protected]> Co-authored-by: Mike Rinehart <[email protected]> Co-authored-by: igorski-r7 <[email protected]> Co-authored-by: rbowden-r7 <[email protected]>
rapid7 · Jan 15, 2024 · 0e5bb0e · 0e5bb0e
1 parent 473df11
commit 0e5bb0e
Show file tree

Hide file tree

Showing 7 changed files with 12 additions and 11 deletions.
diff --git a/plugins/rapid7_insightvm/.CHECKSUM b/plugins/rapid7_insightvm/.CHECKSUM
@@ -1,7 +1,7 @@
 {
-	"spec": "8c162487e4fc21d316ae671ff14bdada",
-	"manifest": "1ad7045d507da48f30f04999d8e73b3b",
-	"setup": "1c6dcdf34833dd8b8ada2f2a80ae8279",
+	"spec": "04b88b912e8a46ab775db595fe1ae500",
+	"manifest": "d313765e6b145298ffa4f67d78a6ed6e",
+	"setup": "91885bf50e1d55670ad2be454ee9078b",
 	"schemas": [
 		{
 			"identifier": "add_scan_engine_pool_engine/schema.py",
@@ -297,7 +297,7 @@
 		},
 		{
 			"identifier": "top_remediations/schema.py",
-			"hash": "08cb410b6e19f692509163845cceea57"
+			"hash": "0c39bbb6dfe9eb4c871fd4e49c2b37d7"
 		},
 		{
 			"identifier": "update_asset_group_search_criteria/schema.py",

diff --git a/plugins/rapid7_insightvm/bin/komand_rapid7_insightvm b/plugins/rapid7_insightvm/bin/komand_rapid7_insightvm
@@ -6,7 +6,7 @@ from sys import argv
 
 Name = "Rapid7 InsightVM Console"
 Vendor = "rapid7"
-Version = "6.2.0"
+Version = "6.2.1"
 Description = "InsightVM is a powerful vulnerability management tool which finds, prioritizes, and remediates vulnerabilities. This plugin uses an orchestrator to get top remediations, scan results and start scans"
 
 

diff --git a/plugins/rapid7_insightvm/help.md b/plugins/rapid7_insightvm/help.md
@@ -3966,6 +3966,7 @@ Example output:
 
 # Version History
 
+* 6.2.1 - Update Top Remediations id to be the nexpose_id
 * 6.2.0 - `Scan Completion` - New trigger added to retrieve vulnerability information on assets when a scan is completed | Improved error handling across all API calls
 * 6.1.1 - Update actions `Update Site Excluded Targets` and `Update Site Included Targets` to prevent error on empty addresses
 * 6.1.0 - Add new optional input `override_blackout` in `Scan` action

diff --git a/plugins/rapid7_insightvm/komand_rapid7_insightvm/actions/top_remediations/action.py b/plugins/rapid7_insightvm/komand_rapid7_insightvm/actions/top_remediations/action.py
@@ -18,7 +18,7 @@ def __init__(self):
             output=TopRemediationsOutput(),
         )
 
-    def run(self, params={}):
+    def run(self, params={}):  # noqa: MC0001
         remediations_limit = params.get(Input.LIMIT)
         # Generate unique identifier for report names
         identifier = uuid.uuid4()
@@ -124,7 +124,7 @@ def run(self, params={}):
             vuln_limit = params.get(Input.VULNERABILITY_LIMIT)
             if (vuln_limit == 0) or (len(remediations[row["solution_id"]]["vulnerabilities"]) < vuln_limit):
                 vulnerability = {
-                    "id": int(row["vulnerability_id"]),
+                    "id": row["nexpose_id"],
                     "title": row["title"],
                     "description": row["description"],
                     "cvssScore": row["cvss_score"],
@@ -183,7 +183,7 @@ def vulnerabilities_query(limit):
             f"SELECT DISTINCT solution_id, vulnerability_id "
             f"FROM dim_asset_vulnerability_solution "
             f")"
-            f"SELECT DISTINCT fr.solution_id, dv.vulnerability_id, dv.title, dv.description, "
+            f"SELECT DISTINCT fr.solution_id, dv.nexpose_id, dv.title, dv.description, "
             f"dv.severity_score, dv.riskscore, dv.cvss_score "
             f"FROM fact_remediation({limit}, 'riskscore DESC') AS fr "
             f"JOIN remediation_vulnerabilities rv ON fr.solution_id = rv.solution_id "

diff --git a/plugins/rapid7_insightvm/komand_rapid7_insightvm/actions/top_remediations/schema.py b/plugins/rapid7_insightvm/komand_rapid7_insightvm/actions/top_remediations/schema.py
@@ -241,7 +241,7 @@ class TopRemediationsOutput(insightconnect_plugin_runtime.Output):
       "title": "remediation_vulnerability",
       "properties": {
         "id": {
-          "type": "integer",
+          "type": "string",
           "title": "ID",
           "description": "Identifier of the vulnerability",
           "order": 1

diff --git a/plugins/rapid7_insightvm/plugin.spec.yaml b/plugins/rapid7_insightvm/plugin.spec.yaml
@@ -4,7 +4,7 @@ products: [insightconnect]
 name: rapid7_insightvm
 title: Rapid7 InsightVM Console
 description: InsightVM is a powerful vulnerability management tool which finds, prioritizes, and remediates vulnerabilities. This plugin uses an orchestrator to get top remediations, scan results and start scans
-version: 6.2.0
+version: 6.2.1
 supported_versions: ["Rapid7 InsightVM API v3 2022-05-25"]
 vendor: rapid7
 support: rapid7

diff --git a/plugins/rapid7_insightvm/setup.py b/plugins/rapid7_insightvm/setup.py
@@ -3,7 +3,7 @@
 
 
 setup(name="rapid7_insightvm-rapid7-plugin",
-      version="6.2.0",
+      version="6.2.1",
       description="InsightVM is a powerful vulnerability management tool which finds, prioritizes, and remediates vulnerabilities. This plugin uses an orchestrator to get top remediations, scan results and start scans",
       author="rapid7",
       author_email="",