Creating a Vulnerability Scan Task
Function
This API is used to create a vulnerability scan task.
Calling Method
For details, see Calling APIs.
URI
POST /v5/{project_id}/vulnerability/scan-task
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
project_id |
Yes |
String |
Project ID. Minimum: 20 Maximum: 64 |
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
enterprise_project_id |
No |
String |
Enterprise project ID of the tenant Minimum: 0 Maximum: 64 |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
X-Auth-Token |
Yes |
String |
User token. It can be obtained by calling an IAM API. The value of X-Subject-Token in the response header is the user token. Minimum: 32 Maximum: 2097152 |
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
manual_scan_type |
No |
Array of strings |
Operation type. The options are as follows: -linux_vul: Linux vulnerability -windows_vul: Windows vulnerability -web_cms: Web-CMS vulnerability -app_vul: application vulnerability -urgent_vul: emergency vulnerability Array Length: 1 - 200 |
batch_flag |
No |
Boolean |
Specifies whether the operation is performed in batches. If the value is true, all supported servers are scanned. |
range_type |
No |
String |
Range of servers to be scanned. The options are as follows: -all_host: Scan all servers. You do not need to set agent_id_list for this type. -specific_host: Minimum: 0 Maximum: 32 |
agent_id_list |
No |
Array of strings |
Server list Minimum: 0 Maximum: 32 Array Length: 1 - 200 |
urgent_vul_id_list |
No |
Array of strings |
Scan all ID list of emergency vulnerabilities. If this parameter is left blank, all emergency vulnerabilities are scanned. Its value can be: URGENT-CVE-2023-46604 Apache ActiveMQ Remote Code Execution Vulnerability URGENT-HSSVD-2020-1109 Elasticsearch Unauthorized Access Vulnerability URGENT-CVE-2022-26134 Atlassian Confluence OGNL Remote Code Execution Vulnerability (Cve-2022-26134) URGENT-CVE-2023-22515 Atlassian Confluence Data Center and Server Privilege Escalation Vulnerability (CVE-2023-22515) URGENT-CVE-2023-22518 Atlassian Confluence Data Center & Server Inappropriate Authorization Mechanism Vulnerability (CVE-2023-22518) URGENT-CVE-2023-28432 MinIO Information Disclosure Vulnerability (CVE-2023-28432) URGENT-CVE-2023-37582 Apache RocketMQ Remote Code Execution Vulnerability (CVE-2023-37582) URGENT-CVE-2023-33246 Apache RocketMQ Remote Code Execution Vulnerability (CVE-2023-33246) URGENT-CNVD-2023-02709 ZENTAO Project Management System Remote Command Execution Vulnerability (CNVD-2023-02709) URGENT-CVE-2022-36804 Atlassian Bitbucket Server and Data Center Command Injection Vulnerability (CVE-2022-36804) URGENT-CVE-2022-22965 Spring Framework JDK >= 9 Remote Code Execution Vulnerability URGENT-CVE-2022-25845 fastjson <1.2.83 Remote Code Execution Vulnerability URGENT-CVE-2019-14439 Jackson-databind Remote Command Execution Vulnerability (CVE-2019-14439) URGENT-CVE-2020-13933 Apache Shiro Authentication Bypass Vulnerability (CVE-2020-13933) URGENT-CVE-2020-26217 XStream < 1.4.14 Remote Code Execution Vulnerability (CVE-2020-26217) URGENT-CVE-2021-4034 Linux Polkit Privilege Escalation Vulnerability (CVE-2021-4034) URGENT-CVE-2021-44228 Apache Log4j2 Remote Code Execution Vulnerability (CVE-2021-44228 and CVE-2021-45046) URGENT-CVE-2022-0847 Dirty Pipe - Linux Kernel Local Privilege Escalation Vulnerability (CVE-2022-0847) Minimum: 0 Maximum: 32 Array Length: 1 - 200 |
Response Parameters
Status code: 200
Parameter |
Type |
Description |
|---|---|---|
task_id |
String |
Detection task ID Minimum: 0 Maximum: 32 |
Example Requests
Create an emergency vulnerability detection task whose agent_id is 0253edfd-30e7-439d-8f3f-17c54c997064 and vulnerability ID list is urgent_vul_id_list.
POST https://{endpoint}/v5/{project_id}/vulnerability/scan-task?enterprise_project_id=XXX
{
"manual_scan_type" : "urgent_vul",
"batch_flag" : false,
"range_type" : "specific_host",
"agent_id_list" : [ "0253edfd-30e7-439d-8f3f-17c54c997064" ],
"urgent_vul_id_list" : [ "URGENT-CVE-2023-46604", "URGENT-HSSVD-2020-1109", "URGENT-CVE-2022-26134", "URGENT-CVE-2023-22515", "URGENT-CVE-2023-22518", "URGENT-CVE-2023-28432", "URGENT-CVE-2023-37582", "URGENT-CVE-2023-33246", "URGENT-CNVD-2023-02709", "URGENT-CVE-2022-36804", "URGENT-CVE-2022-22965", "URGENT-CVE-2022-25845", "URGENT-CVE-2019-14439", "URGENT-CVE-2020-13933", "URGENT-CVE-2020-26217", "URGENT-CVE-2021-4034", "URGENT-CVE-2021-44228", "URGENT-CVE-2022-0847" ]
}
Example Responses
Status code: 200
Succeeded in manually detecting vulnerabilities
{
"task_id" : "d8a12cf7-6a43-4cd6-92b4-aabf1e917"
}
Status Codes
Status Code |
Description |
|---|---|
200 |
Succeeded in manually detecting vulnerabilities |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
