Help Center
News
Indusface
Help Center
News
Indusface
AppTrana
Indusface WAS
Indusface WAS MSSP
WAS MSSP Consultant
WAS MSSP Consultant
Administrators
WAS MSSP Consultant Admin
WAS MSSP Consultant Admin Consultancy Service Listing Manual Scan API Service List Vulnerability Add Vulnerability
Additional Resources
Zero-Day Vulnerability Reports
Security Bulletins
AppTrana API Integration
Release Notes

Add Vulnerability

Provides the option for consultants to manually add new vulnerabilities into the platform’s database. This ensures flexibility to capture findings that may not be identified through automated tools. 

Accessing Add Vulnerability Item 

  • Navigate to WAS MSSP Consultant Admin  
  • Click Add Vulnerability 

A screenshot of a computer AI-generated content may be incorrect. 

A screenshot of a computer AI-generated content may be incorrect. 

 

Field 

Purpose 

Example Entry 

Vulnerability Title Title to identify the vulnerability. SQL Injection in Login Page 
Vulnerability Name Name/type of issue you are reporting. SQL Injection 
Severity Risk level based on business and technical impact. Critical 
Description Summary of the vulnerability and technical background. “Login form does not validate input, allowing SQL injection.” 
References Links or references for more information. OWASP SQL Injection Guide 
Solution Recommended remediation steps. “Use parameterized queries and input validation.” 
Complexity Effort or skill required to exploit. Low 
CVSS Base Base score according to CVSS standard. 9.1 (Critical) 
CVE ID URLs URLs of related CVE entries. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12345 
CVSS Score Severity rating based on CVSS standards. 9.1 (Critical) 
CVSS Vector Breakdown of CVSS metrics. AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 
PCI DSS PCI requirement this vulnerability impacts. Req. 6.5.1 – Input Validation 
CVSS Version CVSS standard version used. 3.1 
CWE ID Weakness category ID from CWE database. CWE-89 (SQL Injection) 
OWASP Category ID Mapping to OWASP Top 10 categories. A03:2021 – Injection 
Scanner Type List Scanner or tool that detected the vulnerability. Acunetix, Burp Suite 

 

  • Click Save to save the entered vulnerability details and updates the database. 
  • Click Cancel to discard any changes and return to the previous screen without saving. 

A screenshot of a computer AI-generated content may be incorrect. 

The added vulnerability can then be selected from the database when adding a new vulnerability to an application. 

WAS MSSP Consultant Admin -> Manual Scan->Add New 

Refer to the Manual Scan document, Add New section to learn more.  

A screenshot of a computer AI-generated content may be incorrect. 

Was this helpful?

Powered by Product Fruits