查询漏洞列表 - ListVulnerabilities
功能介绍
查询漏洞列表
调用方法
请参见如何调用API。
授权信息
账号具备所有API的调用权限,如果使用账号下的IAM用户调用当前API,该IAM用户需具备调用API所需的权限,具体权限要求请参见权限和授权项。
URI
POST /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerability/search
|
参数 |
是否必选 |
参数类型 |
描述 |
|---|---|---|---|
|
project_id |
是 |
String |
参数解释: 项目ID,用于明确项目归属,配置后可通过该ID查询项目下资产,可以通过调用API获取,也可以从控制台获取。获取项目ID 约束限制: 不涉及 取值范围: 不涉及 默认取值: 不涉及 |
|
workspace_id |
是 |
String |
参数解释: 工作空间id。 约束限制: 不涉及 取值范围: 不涉及 默认取值: 不涉及 |
请求参数
|
参数 |
是否必选 |
参数类型 |
描述 |
|---|---|---|---|
|
limit |
否 |
Integer |
分页大小 |
|
offset |
否 |
Integer |
偏移量 |
|
sort_by |
否 |
String |
排序字段:create_time | update_time |
|
order |
否 |
String |
排序方式:DESC | ASC |
|
from_date |
否 |
String |
搜索开始时间,例如:2023-02-20T00:00:00.000Z |
|
to_date |
否 |
String |
搜索结束时间,例如:2023-02-27T23:59:59.999Z |
|
condition |
否 |
condition object |
搜索条件表达式 |
|
参数 |
是否必选 |
参数类型 |
描述 |
|---|---|---|---|
|
conditions |
否 |
Array of conditions objects |
表达式列表 |
|
logics |
否 |
Array of strings |
表达式名称列表 |
响应参数
状态码:200
|
参数 |
参数类型 |
描述 |
|---|---|---|
|
code |
String |
错误码 |
|
message |
String |
错误信息 |
|
total |
Integer |
漏洞总数 |
|
size |
Integer |
分页大小 |
|
page |
Integer |
偏移量 |
|
success |
Boolean |
是否成功 |
|
data |
Array of VulnerabilityDetail objects |
漏洞列表 |
|
参数 |
参数类型 |
描述 |
|---|---|---|
|
id |
String |
漏洞id |
|
format_version |
Integer |
格式版本 |
|
version |
Integer |
版本 |
|
project_id |
String |
当前项目的id |
|
workspace_id |
String |
当前的工作空间id |
|
create_time |
String |
创建时间,格式ISO8601:YYYY-MM-DDTHH:mm:ss.ms+timezone。时区信息为事件发生时区,无法解析时区的时间,默认时区填东八区 |
|
update_time |
String |
更新时间,格式ISO8601:YYYY-MM-DDTHH:mm:ss.ms+timezone。时区信息为事件发生时区,无法解析时区的时间,默认时区填东八区 |
|
dataclass_ref |
dataclass_ref object |
数据类对象 |
|
data_object |
VulnerabilityDataObject object |
数据类 |
|
参数 |
参数类型 |
描述 |
|---|---|---|
|
vul_name |
String |
漏洞名称 |
|
first_observed_time |
String |
首次发现时间,格式ISO8601:YYYY-MM-DDTHH:mm:ss.ms+timezone。时区信息为事件发生时区,无法解析时区的时间,默认时区填东八区 |
|
batch_number |
String |
漏洞批次号 |
|
description |
String |
漏洞描述 |
|
resource_num |
Integer |
受影响的资产数量 |
|
domain_id |
String |
租户id |
|
workspace_id |
String |
工作空间id |
|
remediation |
remediation object |
修复建议 |
|
domain_name |
String |
租户名称 |
|
update_time |
String |
更新时间 |
|
is_deleted |
Boolean |
是否删除 |
|
project_id |
String |
项目ID |
|
extend_properties |
extend_properties object |
扩展属性 |
|
region_name |
String |
区域名称 |
|
id |
String |
漏洞公告ID |
|
vulnerability_type |
vulnerability_type object |
漏洞类型信息 |
|
create_time |
String |
创建时间 |
|
last_observed_time |
String |
最后发现时间 |
|
resource |
resource object |
资产信息 |
|
count |
Integer |
漏洞计数 |
|
region_id |
String |
区域ID |
|
vulnerability |
vulnerability object |
漏洞详细信息 |
|
dataclass_id |
String |
数据分类ID |
|
version |
String |
漏洞版本号 |
|
data_source |
data_source object |
数据来源 |
|
arrive_time |
String |
数据到达时间 |
|
environment |
environment object |
环境信息 |
|
trigger_flag |
Boolean |
是否触发标记 |
|
handled |
Integer |
处理状态 |
|
参数 |
参数类型 |
描述 |
|---|---|---|
|
id |
String |
类型ID |
|
category |
String |
漏洞类别 |
|
category_en |
String |
漏洞类别英文 |
|
category_zh |
String |
漏洞类别中文 |
|
vulnerability_type |
String |
漏洞类型 |
|
vulnerability_type_en |
String |
漏洞类型英文 |
|
vulnerability_type_zh |
String |
漏洞类型中文 |
|
参数 |
参数类型 |
描述 |
|---|---|---|
|
id |
String |
资产ID |
|
name |
String |
资产名称 |
|
type |
String |
资产类型 |
|
provider |
String |
提供商 |
|
region_id |
String |
区域ID |
|
domain_id |
String |
租户ID |
|
project_id |
String |
项目ID |
|
ep_id |
String |
企业项目ID |
|
tags |
Map<String,String> |
资产标签 |
|
参数 |
参数类型 |
描述 |
|---|---|---|
|
id |
String |
漏洞ID |
|
type |
Integer |
漏洞类型编号 |
|
url |
String |
漏洞链接 |
|
status |
Integer |
漏洞状态 |
|
level |
String |
漏洞等级 |
|
reason |
String |
漏洞产生原因 |
|
solution |
String |
漏洞解决方案 |
|
repair_severity |
Integer |
修复紧急程度 |
|
related |
Array of objects |
相关漏洞 |
|
tags |
Array of strings |
漏洞标签 |
请求示例
https://{endpoint}/v1/{project_id}/workspaces/{workspace_id}/soc/vulnerability/search
{
"limit" : 10,
"offset" : 2
}
响应示例
状态码:200
搜索漏洞列表返回body体
{
"code" : "00000000",
"data" : [ {
"id" : "KB*****5",
"format_version" : 0,
"version" : 0,
"project_id" : "",
"workspace_id" : "",
"create_time" : "2025-12-02T18:35:12.609Z+0800",
"update_time" : "2025-12-05T06:07:23.882Z+0800",
"dataclass_ref" : {
"id" : "ee44*****6a",
"name" : ""
},
"data_object" : {
"vul_name" : "vulnerability_a",
"first_observed_time" : "2025-12-02T18:35:12.609Z+0800",
"batch_number" : "20251203",
"description" : "vulnerability_a description",
"resource_num" : 1,
"domain_id" : "ac74*****f4",
"workspace_id" : "ea95*****55",
"remediation" : {
"recommendation" : "Download and install the patch KB*****5.For details, please refer to:https://*****5.Or use Windows Update to install patches."
},
"domain_name" : "scc_*****09",
"update_time" : "2025-12-05T06:07:23.882Z+0800",
"is_deleted" : false,
"project_id" : "1564*****a6",
"extend_properties" : {
"operations" : {
"is_build_in" : "true"
}
},
"region_name" : "region_a",
"id" : "KB*****5",
"vulnerability_type" : {
"id" : "2373*****3c",
"category" : "Windows_A",
"category_en" : "Windows_A",
"category_zh" : "Windows_A",
"vulnerability_type" : "Windows_A",
"vulnerability_type_en" : "Windows_A",
"vulnerability_type_zh" : "Windows_A"
},
"create_time" : "2025-12-02T18:35:12.609Z+0800",
"last_observed_time" : "2025-12-03T18:47:10.068Z+0800",
"resource" : {
"id" : "bf9d*****b6",
"name" : "hcss*****53",
"type" : "cloudservers",
"provider" : "ecs",
"region_id" : "region_a",
"domain_id" : "ac74*****f4",
"project_id" : "1564*****a6",
"ep_id" : "0",
"tags" : {
"ip" : "X.X.X.X"
}
},
"count" : 1,
"region_id" : "region_a",
"vulnerability" : {
"id" : "KB*****5",
"type" : 1,
"url" : "Download and install the patch KB*****5.For details, please refer to:https://*****5.Or use Windows Update to install patches.",
"status" : 4,
"level" : "Medium",
"reason" : "Offline Processing",
"solution" : "Download and install the patch KB*****5.For details, please refer to:https://*****5.Or use Windows Update to install patches.",
"repair_severity" : 2,
"related" : [ "CVE-*****37" ],
"tags" : [ ]
},
"dataclass_id" : "ee44*****6a",
"version" : "X.X.X",
"data_source" : {
"domain_id" : "ac74*****f4",
"project_id" : "1564*****a6",
"region_id" : "region_a",
"company_name" : "HHH",
"source_type" : 1,
"product_name" : "hss",
"product_feature" : "hvd"
},
"arrive_time" : "2025-12-03T18:47:06.085Z+0800",
"environment" : {
"domain_id" : "ac74*****f4",
"domain_name" : "scc_*****09",
"project_id" : "1564*****a6",
"region_id" : "region_a",
"region_name" : "region_a",
"vendor_type" : "C"
},
"trigger_flag" : false,
"handled" : 1
}
} ],
"message" : "",
"page" : 2,
"size" : 10,
"success" : true,
"total" : 0
}
SDK代码示例
SDK代码示例如下。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.secmaster.v1.region.SecMasterRegion; import com.huaweicloud.sdk.secmaster.v1.*; import com.huaweicloud.sdk.secmaster.v1.model.*; public class ListVulnerabilitiesSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) .withAk(ak) .withSk(sk); SecMasterClient client = SecMasterClient.newBuilder() .withCredential(auth) .withRegion(SecMasterRegion.valueOf("<YOUR REGION>")) .build(); ListVulnerabilitiesRequest request = new ListVulnerabilitiesRequest(); request.withWorkspaceId("{workspace_id}"); try { ListVulnerabilitiesResponse response = client.listVulnerabilities(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdksecmaster.v1.region.secmaster_region import SecMasterRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdksecmaster.v1 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId) client = SecMasterClient.new_builder() \ .with_credentials(credentials) \ .with_region(SecMasterRegion.value_of("<YOUR REGION>")) \ .build() try: request = ListVulnerabilitiesRequest() request.workspace_id = "{workspace_id}" response = client.list_vulnerabilities(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" secmaster "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v1" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v1/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v1/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") projectId := "{project_id}" auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). Build() client := secmaster.NewSecMasterClient( secmaster.SecMasterClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.ListVulnerabilitiesRequest{} request.WorkspaceId = "{workspace_id}" response, err := client.ListVulnerabilities(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。
状态码
|
状态码 |
描述 |
|---|---|
|
200 |
搜索漏洞列表返回body体 |
错误码
请参见错误码。
