查询单台服务器漏洞信息
功能介绍
查询单台服务器漏洞信息
调用方法
请参见如何调用API。
URI
GET /v5/{project_id}/vulnerability/host/{host_id}
参数 |
是否必选 |
参数类型 |
描述 |
|---|---|---|---|
project_id |
是 |
String |
租户项目ID 最小长度:1 最大长度:256 |
host_id |
是 |
String |
服务器id 最小长度:1 最大长度:128 |
参数 |
是否必选 |
参数类型 |
描述 |
|---|---|---|---|
enterprise_project_id |
否 |
String |
企业租户ID,“0”表示默认企业项目,查询所有企业项目时填写:all_granted_eps 缺省值:0 最小长度:0 最大长度:256 |
type |
否 |
String |
漏洞类型,默认为linux_vul,包括如下:
最小长度:0 最大长度:64 |
vul_name |
否 |
String |
漏洞名称 最小长度:0 最大长度:256 |
limit |
否 |
Integer |
每页显示个数 最小值:0 最大值:200 缺省值:10 |
offset |
否 |
Integer |
偏移量:指定返回记录的开始位置,必须为数字,取值范围为大于或等于0,默认0 最小值:0 最大值:2000000 缺省值:0 |
handle_status |
否 |
String |
处置状态,包含如下:
最小长度:1 最大长度:32 |
status |
否 |
String |
漏洞状态,包含如下:
最小长度:1 最大长度:32 |
repair_priority |
否 |
String |
修复优先级,包含如下
最小长度:1 最大长度:10 |
请求参数
参数 |
是否必选 |
参数类型 |
描述 |
|---|---|---|---|
X-Auth-Token |
是 |
String |
用户Token。 通过调用IAM服务获取用户Token接口获取(响应消息头中X-Subject-Token的值) 最小长度:1 最大长度:32768 |
响应参数
状态码: 200
参数 |
参数类型 |
描述 |
|---|---|---|
total_num |
Long |
总数 最小值:0 最大值:2147483647 |
data_list |
Array of HostVulInfo objects |
服务器上的漏洞列表 数组长度:0 - 2147483647 |
参数 |
参数类型 |
描述 |
|---|---|---|
vul_name |
String |
漏洞名称 最小长度:0 最大长度:256 |
vul_id |
String |
漏洞ID 最小长度:0 最大长度:64 |
label_list |
Array of strings |
漏洞标签列表 最小长度:0 最大长度:65534 数组长度:0 - 2147483647 |
repair_necessity |
String |
修复紧急度,包括如下:
最小长度:0 最大长度:64 |
scan_time |
Long |
最近扫描时间 最小值:0 最大值:9223372036854775807 |
type |
String |
漏洞类型,包含如下: -linux_vul : linux漏洞 -windows_vul : windows漏洞 -web_cms : Web-CMS漏洞 -app_vul : 应用漏洞 最小长度:0 最大长度:128 |
app_list |
Array of app_list objects |
服务器上受该漏洞影响的软件列表 数组长度:0 - 2147483647 |
severity_level |
String |
危险程度
最小长度:1 最大长度:128 |
solution_detail |
String |
解决方案 最小长度:0 最大长度:65534 |
url |
String |
URL链接 最小长度:0 最大长度:2083 |
description |
String |
漏洞描述 最小长度:0 最大长度:65534 |
repair_cmd |
String |
修复命令行 最小长度:1 最大长度:256 |
status |
String |
漏洞状态
最小长度:1 最大长度:128 |
repair_success_num |
Integer |
HSS全网修复该漏洞的次数 最小值:0 最大值:1000000 |
cve_list |
Array of cve_list objects |
CVE列表 数组长度:1 - 10000 |
is_affect_business |
Boolean |
是否影响业务 |
first_scan_time |
Long |
首次扫描时间 最小值:0 最大值:9223372036854775807 |
app_name |
String |
软件名称 最小长度:0 最大长度:256 |
app_version |
String |
软件版本 最小长度:0 最大长度:256 |
app_path |
String |
软件路径 最小长度:0 最大长度:512 |
version |
String |
主机配额 最小长度:0 最大长度:128 |
support_restore |
Boolean |
是否可以回滚到修复漏洞时创建的备份 |
disabled_operate_types |
Array of disabled_operate_types objects |
该漏洞不可进行的操作类型列表 数组长度:1 - 10000 |
repair_priority |
String |
修复优先级,包含如下
最小长度:1 最大长度:10 |
请求示例
查询id为xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx的服务器上的漏洞列表前10条数据
GET https://{endpoint}/v5/2b31ed520xxxxxxebedb6e57xxxxxxxx/vulnerability/host/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx?offset=0&limit=10
响应示例
状态码: 200
服务器上的漏洞列表
{
"data_list" : [ {
"app_list" : [ {
"app_name" : "Apache Log4j API(Apache Log4j API)",
"app_version" : "2.8.2",
"upgrade_version" : "2.8.3",
"app_path" : "/CloudResetPwdUpdateAgent/lib/log4j-api-2.8.2.jar"
}, {
"app_name" : "Apache Log4j Core(Apache Log4j Core)",
"app_version" : "2.8.2",
"upgrade_version" : "2.8.3",
"app_path" : "/CloudResetPwdUpdateAgent/lib/log4j-api-2.8.2.jar"
} ],
"app_name" : "Apache Log4j API(Apache Log4j API)",
"app_path" : "/CloudResetPwdUpdateAgent/lib/log4j-api-2.8.2.jar",
"app_version" : "2.8.2",
"cve_list" : [ {
"cve_id" : "CVE-2021-45046",
"cvss" : 9
} ],
"description" : "发现在某些非默认配置中, Apache Log4j 2.15.0中针对CVE-2021-44228的修复不完整。当日志记录配置使用具有上下文查找(例如$${ctx:loginId})或线程上下文映射模式(%X, %mdc或%MDC)使用JNDI查找模式构建恶意输入数据,从而在某些环境中导致信息泄漏和远程代码执行。Log4j 2.16.0 (Java 8)和2.12.2 (Java 7)通过删除对消息查找模式的支持并在默认情况下禁用JNDI功能来修复此问题。",
"first_scan_time" : 1688956612533,
"is_affect_business" : true,
"label_list" : [ ],
"repair_necessity" : "Critical",
"scan_time" : 1690469489713,
"severity_level" : "Critical",
"repair_cmd" : "yum update tcpdump",
"solution_detail" : "针对该漏洞的官方修复建议已发布,您可点击链接按照建议进行修复:\nhttps://logging.apache.org/log4j/2.x/security.html\n针对该漏洞的补丁可参考:\nhttps://www.oracle.com/security-alerts/cpujan2022.html\n针对该漏洞的非官方修复建议可参考:\nhttp://www.openwall.com/lists/oss-security/2021/12/14/4\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\nhttp://www.openwall.com/lists/oss-security/2021/12/15/3\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf\nhttps://www.kb.cert.org/vuls/id/930724\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf\nhttps://www.debian.org/security/2021/dsa-5022\nhttps://www.oracle.com/security-alerts/alert-cve-2021-44228.html\nhttps://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032\nhttp://www.openwall.com/lists/oss-security/2021/12/18/1\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/\n针对该漏洞的漏洞利用/POC已曝光,可参考下方链接进行验证:\nhttps://github.com/X1pe0/Log4J-Scan-Win\nhttps://github.com/cckuailong/Log4j_CVE-2021-45046\nhttps://github.com/BobTheShoplifter/CVE-2021-45046-Info\nhttps://github.com/tejas-nagchandi/CVE-2021-45046\nhttps://github.com/pravin-pp/log4j2-CVE-2021-45046\nhttps://github.com/mergebase/log4j-samples\nhttps://github.com/lukepasek/log4jjndilookupremove\nhttps://github.com/ludy-dev/cve-2021-45046\nhttps://github.com/lijiejie/log4j2_vul_local_scanner\nhttps://github.com/CaptanMoss/Log4Shell-Sandbox-Signature\nhttps://github.com/taise-hub/log4j-poc",
"status" : "vul_status_unfix",
"type" : "app_vul",
"url" : "[\"https://www.oracle.com/security-alerts/cpujan2022.html\"]",
"version" : "hss.version.wtp",
"vul_id" : "HCVD-APP-CVE-2021-45046",
"vul_name" : "CVE-2021-45046",
"repair_success_num" : 3,
"support_restore" : true,
"disabled_operate_types" : [ {
"operate_type" : "immediate_repair",
"reason" : "cce机器的内核漏洞不支持自动修复"
} ]
} ],
"total_num" : 31
}
SDK代码示例
SDK代码示例如下。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.hss.v5.region.HssRegion; import com.huaweicloud.sdk.hss.v5.*; import com.huaweicloud.sdk.hss.v5.model.*; public class ListHostVulsSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); HssClient client = HssClient.newBuilder() .withCredential(auth) .withRegion(HssRegion.valueOf("<YOUR REGION>")) .build(); ListHostVulsRequest request = new ListHostVulsRequest(); request.withEnterpriseProjectId("<enterprise_project_id>"); request.withType("<type>"); request.withVulName("<vul_name>"); request.withLimit(<limit>); request.withOffset(<offset>); request.withHandleStatus("<handle_status>"); request.withStatus("<status>"); request.withRepairPriority("<repair_priority>"); try { ListHostVulsResponse response = client.listHostVuls(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 |
# coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkhss.v5.region.hss_region import HssRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkhss.v5 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = __import__('os').getenv("CLOUD_SDK_AK") sk = __import__('os').getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = HssClient.new_builder() \ .with_credentials(credentials) \ .with_region(HssRegion.value_of("<YOUR REGION>")) \ .build() try: request = ListHostVulsRequest() request.enterprise_project_id = "<enterprise_project_id>" request.type = "<type>" request.vul_name = "<vul_name>" request.limit = <limit> request.offset = <offset> request.handle_status = "<handle_status>" request.status = "<status>" request.repair_priority = "<repair_priority>" response = client.list_host_vuls(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" hss "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). Build() client := hss.NewHssClient( hss.HssClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.ListHostVulsRequest{} enterpriseProjectIdRequest:= "<enterprise_project_id>" request.EnterpriseProjectId = &enterpriseProjectIdRequest typeRequest:= "<type>" request.Type = &typeRequest vulNameRequest:= "<vul_name>" request.VulName = &vulNameRequest limitRequest:= int32(<limit>) request.Limit = &limitRequest offsetRequest:= int32(<offset>) request.Offset = &offsetRequest handleStatusRequest:= "<handle_status>" request.HandleStatus = &handleStatusRequest statusRequest:= "<status>" request.Status = &statusRequest repairPriorityRequest:= "<repair_priority>" request.RepairPriority = &repairPriorityRequest response, err := client.ListHostVuls(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。
状态码
状态码 |
描述 |
|---|---|
200 |
服务器上的漏洞列表 |
错误码
请参见错误码。
