def test_parse_file_with_multiple_vuln_has_multiple_findings(self):
testfile = open(get_unit_tests_path() +
"/scans/qualys/Qualys_Sample_Report.xml")
parser = QualysParser()
findings = parser.get_findings(testfile, Test())
for finding in findings:
for endpoint in finding.unsaved_endpoints:
endpoint.clean()
self.assertEqual(301, len(findings))
finding = findings[0]
self.assertEqual(finding.title, "QID-6 | DNS Host Name")
self.assertEqual(finding.severity, "Informational")
self.assertEqual(finding.unsaved_endpoints[0].host,
"demo13.s02.sjc01.qualys.com")
for finding in findings:
if finding.unsaved_endpoints[
0].host == "demo14.s02.sjc01.qualys.com" and finding.title == "QID-370876 | AMD Processors Multiple Security Vulnerabilities (RYZENFALL/MASTERKEY/CHIMERA-FW/FALLOUT)":
finding_cvssv3_score = finding
if finding.unsaved_endpoints[
0].host == "demo13.s02.sjc01.qualys.com" and finding.title == "QID-370876 | AMD Processors Multiple Security Vulnerabilities (RYZENFALL/MASTERKEY/CHIMERA-FW/FALLOUT)":
finding_cvssv3_vector = finding
self.assertEqual(
# CVSS_FINAL is defined without a cvssv3 vector
finding_cvssv3_score.cvssv3,
None)
self.assertEqual(finding_cvssv3_score.severity, "High")
self.assertEqual(finding_cvssv3_vector.cvssv3,
"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H")
self.assertEqual(finding_cvssv3_vector.severity, "Critical")
def test_parse_file_with_no_vuln_has_no_findings(self):
testfile = open(
"dojo/unittests/scans/qualys/empty.xml"
)
parser = QualysParser()
findings = parser.get_findings(testfile, Test())
self.assertEqual(0, len(findings))
def test_parse_file_with_multiple_vuln_has_multiple_findings(self):
testfile = open("dojo/unittests/scans/qualys/Qualys_Sample_Report.xml")
parser = QualysParser()
findings = parser.get_findings(testfile, Test())
self.assertEqual(299, len(findings))
finding = findings[0]
self.assertEqual(finding.title, "QID-6 | DNS Host Name")
self.assertEqual(finding.severity, "Informational")
self.assertEqual(finding.unsaved_endpoints[0].host,
"demo13.s02.sjc01.qualys.com")