Nexpose Client v6.0.0

New Features!

With the Release of Nexpose version 6.4.29 on 03/29/2017, we now provide the ability to add vulnerability exceptions on Asset Groups. This new version of the gem now allows access to some of that functionality.

However, the ability to create VulnExceptions based on AssetGroups via the gem is not in place currently. The following additional actions are still functional for VulnExceptions around asset groups: resubmit, recall, approve, reject, delete, update_submitter_comment, and update_expiration_date. All methods for VulnExceptions are available and work as intended for all other scopes.

---

Updated :: VulnExceptions attributes.

The following attributes have been added to the VulnExceptions class, review_date, submit_date, and asset_group_id. Both the review and submit date are standard Ruby Time objects.

---

Updated :: Connection#list_vuln_exceptions to output only 'Active' vuln exceptions, and asset group support.

This method has had a significant overhaul, and any existing scripts or automation should be double checked prior to first usage.

• This will only return 'Active' vuln exceptions.
  • 'Approved', 'Under Review', 'Rejected'.
• The status 'DELETED' will never return any results.
• The status argument has be strengthened and the various ways status can be typed should be supported.
  • E.g. conn.list_vuln_exceptions("UNDER_REVIEW") and conn.list_vuln_exceptions("under review") will both only return the Under Review vuln exceptions.
• The duration argument has been removed.
  • Although duration is no longer supported, the VulnException class now has the submit_date and review_date attributes available. With the addition of these two attributes, similar tasks where one would use duration can now be accomplished in a more meaningful way.

---

Removed

Connection#list_vuln_exceptions no longer accepts the duration parameter.