InsightVM plugin incompatible with InsightVM 6.6.65

A workflow I was previously using without problem is now throwing errors after Insight VM console upgrade to 6.6.65

rapid7/Rapid7 InsightVM:4.8.1. Step name: update_site_included_targets
py3.7.egg/komand_rapid7_insightvm/actions/update_site_included_targets/action.py", line 28, in run
scope.extend(current_scope[‘addresses’])
KeyError: ‘addresses’

My assumption is that prior to 6.6.65, “get_scope” (fictional API call) would return {‘addresses’:[]} if there were no assets in scope; however, post update, empty lists get dropped. Recommend replacing line 28 of this plugin with " scope.extend(current_scope.get(‘addresses’))"

(Just noticed that this is open sourced in github… Fix KeyError in UpdateSiteIncludedTargets by hashtagcyber · Pull Request #807 · rapid7/insightconnect-plugins · GitHub)

2 Likes

For clarity, I’m adding specific IP addresses to a site with a (currently) empty scope, which worked previously. To verify, I added a dummy host to the scope, and the plugin works correctly.

2 Likes

Thanks for submitting the PR @matt_domko_deprecated and thank you for catching this! If you have questions about getting the requested changes in place, feel free to post there or here. I’m happy to help get that sorted. :slightly_smiling_face: