Querying the Servers Affected by a Vulnerability

Function

This API is used to query the servers affected by a vulnerability.

URI

GET /v5/{project_id}/vulnerability/hosts

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID

**Table 2** Query Parameters
Parameter	Mandatory	Type	Description
enterprise_project_id	No	String	Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.
vul_id	Yes	String	Vulnerability ID
type	Yes	String	Vulnerability type. Its value can be: linux_vul: Linux vulnerability windows_vul: Windows vulnerability
host_name	No	String	Affected server name
host_ip	No	String	IP address of the affected server
status	No	String	Vulnerability status. vul_status_unfix: not fixed vul_status_ignored: ignored vul_status_verified: verification in progress vul_status_fixing: The fix is in progress. vul_status_fixed: The fix succeeded. vul_status_reboot: The issue is fixed and waiting for restart. vul_status_failed: The issue failed to be fixed. vul_status_fix_after_reboot: Restart the server and try again.
limit	No	Integer	Number of records on each page
offset	No	Integer	Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0.

Request Parameters

**Table 3** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

Response Parameters

Status code: 200

**Table 4** Response body parameters
Parameter	Type	Description
total_num	Integer	Number of affected servers
data_list	Array of VulHostInfo objects	List of affected ECSs

**Table 5** VulHostInfo
Parameter	Type	Description
host_id	String	ID of the server affected by the vulnerability
severity_level	String	Risk level. Critical: The CVSS score of the vulnerability is greater than or equal to 9, corresponding to the high risk level on the console. High: The CVSS score of the vulnerability is greater than or equal to 7 and less than 9, corresponding to the medium risk level on the console. Medium: The CVSS score of the vulnerability is greater than or equal to 4 and less than 7, corresponding to the medium risk level on the console. Low: The CVSS score of the vulnerability is less than 4, corresponding to the low risk level on the console.
host_name	String	Affected server name
host_ip	String	IP address of the affected server
cve_num	Integer	Vulnerability CVEs
cve_id_list	Array of strings	The CVE ID list corresponding to the vulnerability
status	String	Vulnerability status. vul_status_unfix: not fixed vul_status_ignored: ignored vul_status_verified: verification in progress vul_status_fixing: The fix is in progress. vul_status_fixed: The fix succeeded. vul_status_reboot : The issue is fixed and waiting for restart. vul_status_failed: The issue failed to be fixed. vul_status_fix_after_reboot: Restart the server and try again.
repair_cmd	String	Command line to be executed to fix the vulnerability (This field is available only for Linux vulnerabilities.)

Example Requests

Query the first 10 records in the list of servers with EulerOS-SA-2021-1894 vulnerability.

GET https://{endpoint}/v5/2b31ed520xxxxxxebedb6e57xxxxxxxx/vulnerability/hosts?vul_id=EulerOS-SA-2021-1894&offset=0&limit=10

Example Responses

Status code: 200

Vul host info list

{
  "total_num" : 1,
  "data_list" : [ {
    "host_id" : "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "severity_level" : "Low",
    "host_name" : "ecs",
    "host_ip" : "xxx.xxx.xxx.xxx",
    "cve_num" : 1,
    "cve_id_list" : [ "CVE-2022-1664" ],
    "status" : "vul_status_ignored",
    "repair_cmd" : "zypper update update-alternatives"
  } ]
}