update_finding
Update an existing vulnerability finding by ID with optional changes to severity, status, or mitigation. Mitigated-to-unmitigated transitions require the engagement management role.
Instructions
Update an existing finding. Requires write scope. Rate-limited.

Args: finding_id (> 0), plus optional: title, severity (Critical/High/Medium/Low/Info), description, active, verified, false_p, duplicate, out_of_scope, is_mitigated. At least one field required. Returns JSON with updated finding.

State-transition gate (F-008/F-018): mitigated→unmitigated cascades (active=true, explicit is_mitigated=false, or false_p/duplicate/out_of_scope flips) are rejected with a redirect to reopen_finding unless the caller's role bears engagement_mgmt (writer/admin).
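The argument rules and the state-transition gate described above, sketched as a pre-flight check. This is an added example, not the tool's own code: `check_update`, the `current` state dict and the capability set are hypothetical names, and a "flip" is assumed to mean any change of `false_p`, `duplicate` or `out_of_scope` on a finding that is currently mitigated.

```python
# Added example: hypothetical pre-flight check mirroring the documented rules.
SEVERITIES = {"Critical", "High", "Medium", "Low", "Info"}
OPTIONAL = {"title", "severity", "description", "active", "verified",
            "false_p", "duplicate", "out_of_scope", "is_mitigated"}
FLIP_FLAGS = ("false_p", "duplicate", "out_of_scope")


def check_update(current, args, capabilities):
    """Return (allowed, reason) for a proposed update_finding call.

    current:      stored state of the finding (assumed available to the checker)
    args:         proposed tool arguments
    capabilities: capabilities borne by the caller's role
    """
    fid = args.get("finding_id")
    if not isinstance(fid, int) or isinstance(fid, bool) or fid <= 0:
        return False, "finding_id must be an integer > 0"
    changes = {k: v for k, v in args.items() if k != "finding_id"}
    unknown = set(changes) - OPTIONAL
    if unknown:
        return False, "unknown field(s): " + ", ".join(sorted(unknown))
    if not changes:
        return False, "at least one field required"
    if "severity" in changes and changes["severity"] not in SEVERITIES:
        return False, "invalid severity"
    # The gate only applies when the finding is mitigated right now.
    if current.get("is_mitigated"):
        reopens = (
            changes.get("active") is True
            or changes.get("is_mitigated") is False
            # Assumption: a "flip" is any value change on these flags.
            or any(f in changes and changes[f] != current.get(f, False)
                   for f in FLIP_FLAGS)
        )
        if reopens and "engagement_mgmt" not in capabilities:
            return False, "mitigated->unmitigated transition: use reopen_finding"
    return True, "ok"


# Constructed sample state: a mitigated, inactive finding.
MITIGATED = {"is_mitigated": True, "active": False, "false_p": False,
             "duplicate": False, "out_of_scope": False}

if __name__ == "__main__":
    call = {"finding_id": 7, "active": True}
    for caps in (set(), {"engagement_mgmt"}):
        print(sorted(caps), check_update(MITIGATED, call, caps))
    print(check_update(MITIGATED, {"finding_id": 7, "severity": "High"}, set()))
```

A client-side check like this only gives early feedback; the server-side gate remains the enforcement point.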
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| title | No | | |
| active | No | | |
| false_p | No | | |
| severity | No | | |
| verified | No | | |
| duplicate | No | | |
| finding_id | Yes | | |
| description | No | | |
| is_mitigated | No | | |
| out_of_scope | No | | |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes | | |