Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

How do i get CWE references from /scan response

Jb | Last updated: Mar 28, 2019 06:24AM UTC

I have noticed that Burp Suite Enterprise Edition web app has CWE references included under ‘Vulnerability classifications’ in every scan result. however, API json scan output doesn’t contain it. I would like to have these CWE references included in “/scan/[task_id: String]” response. How to achieve that ?

PortSwigger Agent | Last updated: Mar 28, 2019 10:51AM UTC

If you have Burp Pro, the REST API has an endpoint /knowledge_base/issue_definitions that lets you map the type_index of the issue to such data. This is currently missing from the Burp Enterprise APi but we are going to add it.

Burp User | Last updated: May 17, 2019 06:16PM UTC

Is there a timeframe for implementation?

Rose, PortSwigger Agent | Last updated: May 20, 2019 09:14AM UTC

The /knowledge_base/issue_definitions endpoint has been added to the Burp Enterprise API. Please update your version to access this functionality.

Burp User | Last updated: Nov 16, 2019 03:30PM UTC

Is there any documentation from Burp with a table of Vulnerability type / CWE /plugin from Burp?

Michelle, PortSwigger Agent | Last updated: Nov 18, 2019 10:28AM UTC