Overrides not showing in API results

I used this Python library: https://github.com/mpicard/pyvas
to retrieve all threats with a severity of five or above. Then I tried marking the following threat as "False Positive" and again retrieved all threats with a severity of five or above.
But the threat hasn't changed. The following is the threat after I applied the override.

  { 
       'name':'Missing `httpOnly` Cookie Attribute',
       'owner':{ 
          'name':'user'
       },
       'comment':None,
       'creation_time':'2020-02-10T11:50:28Z',
       'modification_time':'2020-02-10T11:50:28Z',
       'user_tags':{ 
          'count':'1'
       },
       'host':{ 
          'asset':{ 
             '@asset_id':'b59h48ea-e846-40e4-affc-04a4ffb64f1a'
          },
          '#text':'10.4.100.208'
       },
       'port':'9080/tcp',
       'nvt':{ 
          'type':'nvt',
          'name':'Missing `httpOnly` Cookie Attribute',
          'family':'Web application abuses',
          'cvss_base':'5.0',
          'cve':'NOCVE',
          'bid':'NOBID',
          'xref':'URL:https://www.owasp.org/index.php/HttpOnly, URL:https://www.owasp.org/index.php/Testing_for_cookies_attributes_(OTG-SESS-002)',
          'tags':"cvss_base_vector=AV:N/AC:L/Au:N/C:P/I:N/A:N|summary=The application is missing the 'httpOnly' cookie attribute|vuldetect=Check all cookies sent by the application for a missing 'httpOnly' attribute|insight=The flaw is due to a cookie is not using the 'httpOnly' attribute. This\n  allows a cookie to be accessed by JavaScript which could lead to session hijacking attacks.|affected=Application with session handling in cookies.|solution=Set the 'httpOnly' attribute for any session cookie.|solution_type=Mitigation|qod_type=remote_banner",
          'cert':None,
          '@oid':'1.3.6.1.4.1.25623.1.0.105925'
       },
       'scan_nvt_version':'2019-11-21T13:29:18+0000',
       'threat':'Medium',
       'severity':'5.0',
       'qod':{ 
          'value':'80',
          'type':'remote_banner'
       },
       'description':'The cookies:\n\nSet-Cookie: Domain=10.4.200.53;Domain=10.4.100.40;Path=/;Secure \n\nare missing the "httpOnly" attribute.',
       'original_threat':'Medium',
       'original_severity':'5.0',
       'notes':None,
       'overrides':None,
       '@id':'80f2186b-27f2-4d0a-0f02-17e748a73034'
    }

In the web GUI the threat is displayed as "False Positive" and not counted, but the API output is still showing "'overrides':None" and "'severity':'5.0'" as if there were no override.
Could this be a bug of the OpenVAS API?

pyvas is not our official API nor is it connected to the GVM/OpenVAS project at all. Please take a look at
https://python-gvm.readthedocs.io/ and

for our official API.

2 Likes

I know that pyvas is not the official library. The library is just for the connection to the API; the results are the same.

You really should use our API. How should we be able to answer questions about unrelated software?

I think you mixed up API and library.
I use your API and the pyvas library to call it. The library is just to make it easier; it does not change the result. I could use your library, but the official Python library for OpenVAS does not support Python 3.x, nor does it support the newest version of OpenVAS. Because of this, I have to use the aforementioned library.

I found this guy with the same issue:

???

python-gvm requires at least Python 3.5. Python 2 is not supported.

python-gvm is our official Python API. If you are sure you are sending a valid GMP request with this other library, you should post the XML GMP request here, and you should also post the version of our management daemon gvmd that you are using.

2 Likes