查询漏洞列表
功能介绍
查询漏洞列表
调用方法
请参见如何调用API。
URI
GET /v5/{project_id}/vulnerability/vulnerabilities
参数 |
是否必选 |
参数类型 |
描述 |
---|---|---|---|
project_id |
是 |
String |
项目ID 最小长度:1 最大长度:256 |
参数 |
是否必选 |
参数类型 |
描述 |
---|---|---|---|
enterprise_project_id |
否 |
String |
企业项目ID,“0”表示默认企业项目,查询所有企业项目时填写:all_granted_eps 缺省值:0 最小长度:0 最大长度:256 |
type |
否 |
String |
漏洞类型,包含如下: -linux_vul : linux漏洞 -windows_vul : windows漏洞 -web_cms : Web-CMS漏洞 -app_vul : 应用漏洞 最小长度:0 最大长度:32 |
vul_id |
否 |
String |
漏洞ID 最小长度:0 最大长度:256 |
vul_name |
否 |
String |
漏洞名称 最小长度:0 最大长度:256 |
limit |
否 |
Integer |
每页显示个数 最小值:0 最大值:200 缺省值:10 |
offset |
否 |
Integer |
偏移量:指定返回记录的开始位置 最小值:0 最大值:2000000 缺省值:0 |
repair_priority |
否 |
String |
修复优先级 Critical 紧急 High 高 Medium 中 Low 低 最小长度:1 最大长度:10 |
handle_status |
否 |
String |
处置状态,包含如下:
缺省值:unhandled 最小长度:1 最大长度:32 |
cve_id |
否 |
String |
漏洞编号 最小长度:0 最大长度:32 |
label_list |
否 |
String |
漏洞标签 最小长度:0 最大长度:128 |
status |
否 |
String |
漏洞状态 最小长度:0 最大长度:32 |
asset_value |
否 |
String |
资产重要性 important common test 最小长度:0 最大长度:32 |
group_name |
否 |
String |
服务器组名称 最小长度:0 最大长度:256 |
请求参数
参数 |
是否必选 |
参数类型 |
描述 |
---|---|---|---|
X-Auth-Token |
是 |
String |
用户Token。 通过调用IAM服务获取用户Token接口获取(响应消息头中X-Subject-Token的值) 最小长度:1 最大长度:32768 |
响应参数
状态码: 200
参数 |
参数类型 |
描述 |
---|---|---|
total_num |
Long |
漏洞总数 最小值:0 最大值:2147483647 |
data_list |
Array of VulInfo objects |
软件漏洞列表 数组长度:0 - 2147483647 |
参数 |
参数类型 |
描述 |
---|---|---|
vul_name |
String |
漏洞名称 最小长度:0 最大长度:256 |
vul_id |
String |
漏洞ID 最小长度:0 最大长度:64 |
label_list |
Array of strings |
漏洞标签 最小长度:0 最大长度:65534 数组长度:0 - 2147483647 |
repair_necessity |
String |
修复必要性
最小长度:0 最大长度:64 |
severity_level |
String |
漏洞级别
最小长度:0 最大长度:64 |
host_num |
Integer |
受影响服务器台数 最小值:0 最大值:2147483647 |
unhandle_host_num |
Integer |
未处理主机台数,除已忽略和已修复的主机数量 最小值:0 最大值:2147483647 |
scan_time |
Long |
最近扫描时间,时间戳单位:毫秒 最小值:0 最大值:9223372036854775807 |
solution_detail |
String |
修复漏洞的指导意见 最小长度:0 最大长度:65534 |
url |
String |
URL链接 最小长度:0 最大长度:2083 |
description |
String |
漏洞描述 最小长度:0 最大长度:65534 |
type |
String |
漏洞类型,包含如下: -linux_vul : linux漏洞 -windows_vul : windows漏洞 -web_cms : Web-CMS漏洞 -app_vul : 应用漏洞 最小长度:0 最大长度:128 |
host_id_list |
Array of strings |
可处置该漏洞的主机列表 最小长度:0 最大长度:128 数组长度:0 - 2147483647 |
cve_list |
Array of cve_list objects |
CVE列表 数组长度:1 - 10000 |
patch_url |
String |
补丁地址 最小长度:0 最大长度:512 |
repair_priority |
String |
修复优先级 Critical 紧急 High 高 Medium 中 Low 低 最小长度:1 最大长度:32 |
hosts_num |
VulnerabilityHostNumberInfo object |
影响主机 |
repair_success_num |
Integer |
修复成功次数 最小值:0 最大值:1000000 |
fixed_num |
Long |
修复数量 最小值:0 最大值:1000000 |
ignored_num |
Long |
忽略数量 最小值:0 最大值:1000000 |
verify_num |
Integer |
验证数量 最小值:0 最大值:1000000 |
repair_priority_list |
Array of RepairPriorityListInfo objects |
修复优先级,每个修复优先级对应的主机数量 数组长度:0 - 4 |
请求示例
查询project_id为2b31ed520xxxxxxebedb6e57xxxxxxxx的漏洞列表前10条数据。
GET https://{endpoint}/v5/2b31ed520xxxxxxebedb6e57xxxxxxxx/vulnerability/vulnerabilities?offset=0&limit=10
响应示例
状态码: 200
漏洞列表
{ "total_num" : 1, "data_list" : [ { "description" : "It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, or possibly execute arbitrary code.", "host_id_list" : [ "caa958ad-a481-4d46-b51e-6861b8864515" ], "host_num" : 1, "scan_time" : 1661752185836, "severity_level" : "Critical", "repair_necessity" : "Critical", "solution_detail" : "To upgrade the affected software", "type" : "linux_vul", "unhandle_host_num" : 0, "url" : "https://ubuntu.com/security/CVE-2022-27405", "vul_id" : "USN-5528-1", "vul_name" : "USN-5528-1: FreeType vulnerabilities", "repair_priority_list" : [ { "repair_priority" : "Critical", "host_num" : 0 }, { "repair_priority" : "High", "host_num" : 0 }, { "repair_priority" : "Medium", "host_num" : 1 }, { "repair_priority" : "Low", "host_num" : 0 } ] } ] }
SDK代码示例
SDK代码示例如下。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.hss.v5.region.HssRegion; import com.huaweicloud.sdk.hss.v5.*; import com.huaweicloud.sdk.hss.v5.model.*; public class ListVulnerabilitiesSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); HssClient client = HssClient.newBuilder() .withCredential(auth) .withRegion(HssRegion.valueOf("<YOUR REGION>")) .build(); ListVulnerabilitiesRequest request = new ListVulnerabilitiesRequest(); request.withEnterpriseProjectId("<enterprise_project_id>"); request.withType("<type>"); request.withVulId("<vul_id>"); request.withVulName("<vul_name>"); request.withLimit(<limit>); request.withOffset(<offset>); request.withRepairPriority("<repair_priority>"); request.withHandleStatus("<handle_status>"); request.withCveId("<cve_id>"); request.withLabelList("<label_list>"); request.withStatus("<status>"); request.withAssetValue("<asset_value>"); request.withGroupName("<group_name>"); try { ListVulnerabilitiesResponse response = client.listVulnerabilities(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkhss.v5.region.hss_region import HssRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkhss.v5 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] credentials = BasicCredentials(ak, sk) client = HssClient.new_builder() \ .with_credentials(credentials) \ .with_region(HssRegion.value_of("<YOUR REGION>")) \ .build() try: request = ListVulnerabilitiesRequest() request.enterprise_project_id = "<enterprise_project_id>" request.type = "<type>" request.vul_id = "<vul_id>" request.vul_name = "<vul_name>" request.limit = <limit> request.offset = <offset> request.repair_priority = "<repair_priority>" request.handle_status = "<handle_status>" request.cve_id = "<cve_id>" request.label_list = "<label_list>" request.status = "<status>" request.asset_value = "<asset_value>" request.group_name = "<group_name>" response = client.list_vulnerabilities(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" hss "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). Build() client := hss.NewHssClient( hss.HssClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.ListVulnerabilitiesRequest{} enterpriseProjectIdRequest:= "<enterprise_project_id>" request.EnterpriseProjectId = &enterpriseProjectIdRequest typeRequest:= "<type>" request.Type = &typeRequest vulIdRequest:= "<vul_id>" request.VulId = &vulIdRequest vulNameRequest:= "<vul_name>" request.VulName = &vulNameRequest limitRequest:= int32(<limit>) request.Limit = &limitRequest offsetRequest:= int32(<offset>) request.Offset = &offsetRequest repairPriorityRequest:= "<repair_priority>" request.RepairPriority = &repairPriorityRequest handleStatusRequest:= "<handle_status>" request.HandleStatus = &handleStatusRequest cveIdRequest:= "<cve_id>" request.CveId = &cveIdRequest labelListRequest:= "<label_list>" request.LabelList = &labelListRequest statusRequest:= "<status>" request.Status = &statusRequest assetValueRequest:= "<asset_value>" request.AssetValue = &assetValueRequest groupNameRequest:= "<group_name>" request.GroupName = &groupNameRequest response, err := client.ListVulnerabilities(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。
状态码
状态码 |
描述 |
---|---|
200 |
漏洞列表 |
错误码
请参见错误码。