Third Party Vulnerability Entry (QID)

Khanna Ji · ‎02-05-2019

I have integrated Qualys with ServiceNow and it started created items and groups with Qualys Ids (QIDs). The issue with these QIDs is that Threat and Solution fields are coming as blank. There must be some information about this third party vulnerability.

What do you think? Is Qualys sending a blank info or I am missing something?

Chris McDevitt · ‎02-07-2019

Yes, this is a Qualys issue. This is common.

1. Double check that your user account has API Access

Qualys > User Profile > User Role (Make sure API is checked)

2. Qualys support can turn on the API for you to access if you are entitled.

View solution in original post

Chris McDevitt · ‎02-07-2019

Yes, this is a Qualys issue. This is common.

1. Double check that your user account has API Access

Qualys > User Profile > User Role (Make sure API is checked)

2. Qualys support can turn on the API for you to access if you are entitled.

Khanna Ji · ‎02-07-2019

1. Double check that your user account has API Access


        Qualys > User Profile > User Role (Make sure API is checked)

Yes - account has API access, that is why it is importing vulnerabilities and CIs to ServiceNow.

2. Qualys support can turn on the API for you to access if you are entitled.

What do you mean by this?

Chris McDevitt · ‎02-08-2019

I have seen customers entitle(i.e. licensed) to API access, but it just was not turned for their account. They simply opened a support case and Qualys fixed it for them.

Khanna Ji · ‎02-12-2019

Can you give me a link to download one record for vulnerability from Postman like you gave me for below?

https://qualysapi.qg3.apps.qualys.com/api/2.0/fo/knowledge_base/vuln/?action=list&details=All&ids=115824

Or let me know how to build the URL like above one? I just wanted to know if its a complete API access issue or just a subscription issue.