public/New-NexposeVulnerabilityException.ps1
Function New-NexposeVulnerabilityException { <# .SYNOPSIS Creates a vulnerability exception. .DESCRIPTION Creates a vulnerability exception. .PARAMETER Type The type of the exception scope. One of: "Global", "Site", "Asset", "Asset Group", "Instance" .PARAMETER AppliesToId The identifier of the vulnerability to which the exception applies .PARAMETER VulnerabilityId The identifier of the vulnerability to which the exception applies. .PARAMETER ExpiryDate The date and time the vulnerability exception is set to expire. .PARAMETER Reason The reason the vulnerability exception was submitted. One of: "False Positive", "Compensating Control", "Acceptable Use", "Acceptable Risk", "Other" .PARAMETER Comment A comment from the submitter as to why the exception was submitted. .EXAMPLE New-NexposeVulnerabilityException -Type 'Global' -VulnerabilityId '7-zip-cve-2016-9296' -Reason 'Acceptable Risk' -Comment 'Upgrades are coming' .NOTES For additional information please see my GitHub wiki page .FUNCTIONALITY POST: vulnerability_exceptions .LINK https://github.com/My-Random-Thoughts/Rapid7Nexpose #> [CmdletBinding(SupportsShouldProcess)] Param ( [Parameter(Mandatory = $true)] [ValidateSet('Global','Site','Asset','Asset Group')] [string]$Type, [int]$AppliesToId, [Parameter(Mandatory = $true)] [string]$VulnerabilityId, [datetime]$ExpiryDate, [Parameter(Mandatory = $true)] [ValidateSet('False Positive','Compensating Control','Acceptable Use','Acceptable Risk','Other')] [string]$Reason, [Parameter(Mandatory = $true)] [string]$Comment ) Begin { [string]$State = 'Under Review' If (($Type -ne 'Global') -and ($AppliesToId -lt 1)) { Throw 'Invalid or missing "AppliesToId" value' } } Process { $apiQuery = @{ state = $State submit = @{ comment = $Comment reason = $Reason } scope = @{ type = $Type id = $AppliesToId vulnerability = $VulnerabilityId } } If ($ExpiryDate) { $apiQuery += @{ expires = $ExpiryDate } } If ($PSCmdlet.ShouldProcess($VulnerabilityId)) { Write-Output (Invoke-NexposeQuery -UrlFunction 'vulnerability_exceptions' -ApiQuery $apiQuery -RestMethod Post) } } End { } } |