Cyver Core offers an XML importer for HCL AppScan vulnerability scanning results. To use it, simply export your AppScan findings as an XML file and import them directly into Cyver Core from the Import Findings tab. The importer is compatible with standard output generated by HCL AppScan.
Cyver Core also supports automated imports via API, making it easy to integrate AppScan findings into your security workflow across multiple projects.
Findings Field Mapping
| Field | Values | Example |
| Code | default: auto-generated | |
| Title | <title>Browser Exploit Against SSL/TLS (a.k.a. BEAST)</title> | |
| Type | Vulnerability Observation | |
| Assets | ||
| Description | ||
| Occurrence | ||
| Labels | ||
| Severity | Info Low Medium High Critical default: Info | <severity>High</severity> |
| CVSS20Score | ||
| CVSS20Vector | ||
| CVSS30Score | ||
| CVSS30Vector | ||
| CVSS31Score | ||
| CVSS31Vector | ||
| CVSS40Score | ||
| CVSS40Vector | ||
| Impact | 0 1 2 3 4 5 default: 0 | |
| ImpactDescription | ||
| Likelihood | 0 1 2 3 4 5 default: 0 | |
| LikelihoodDescription | ||
| VulnerabilityTypes | DoS CodeExecution Overflow MemoryCorruption SqlInjection XSS DirectoryTraversal HttpResponseSplitting BypassSomething GainInformation GainPrivileges CSRF FileInclusion | |
| CWEList | for example: CWE-1; CWE-721 | <cweList>CWE-327</cweList> |
| CVEList | for example: CVE-1; CVE-721 | <cveList>CVE-2011-3389</cveList> |
| MITRE ATT&CK Techniques | ||
| MITRE ATT&CK Mitigations | ||
| MITRE ATT&CK Tactics | ||
| Controls | ||
| Compliance Status | ||
| Compliance Comment | ||
| BackgroundInformation | <backgroundInformation> It may be possible to steal or manipulate customer session and cookies, which might be used to impersonate a legitimate user, allowing the hacker to view or alter user records, and to perform transactions as that user </backgroundInformation> | |
| Recommendation | <recommendation>Change server's supported ciphersuites</recommendation> | |
| External References | ||
| Status | Draft PendingFix Fixed ReadyRetest Accepted ToReview Reviewed default: Draft | |
| Evidence Title | ||
| Evidence Location | ||
| Evidence Version | ||
| Evidence Reproduction | ||
| Evidence Results | ||
| Evidence Issue Details |
Important Notes & Limitations
- The maximum number of findings that can be imported in a single upload is 5,000 findings.
- If your file exceeds this limit, the import may fail depending on the selected import options (e.g., aggregation settings or filtering by severity).