Querying Vulnerability Information About a Server

Function

This API is used to query the vulnerability information about a server.

Calling Method

For details, see Calling APIs.

URI

GET /v5/{project_id}/vulnerability/host/{host_id}

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Definition Project ID, which is used to specify the project that an asset belongs to. After the project ID is configured, you can query assets in the project using the project ID. For details about how to obtain it, see Obtaining a Project ID. Constraints N/A Range The value can contain 1 to 256 characters. Default Value N/A
host_id	Yes	String	Definition Server ID. Constraints N/A Range The value can contain 1 to 64 characters. Default Value N/A

**Table 2** Query Parameters
Parameter	Mandatory	Type	Description
enterprise_project_id	No	String	Definition Enterprise project ID, which is used to filter assets in different enterprise projects. For details, see Obtaining an Enterprise Project ID. To query assets in all enterprise projects, set this parameter to all_granted_eps. Constraints You need to set this parameter only after the enterprise project function is enabled. Range The value can contain 1 to 256 characters. Default Value 0: default enterprise project.
limit	No	Integer	Parameter description: Number of records displayed on each page. Constraints: N/A Options: Value range: 10-200 Default value: 10
offset	No	Integer	Definition Offset, which specifies the start position of the record to be returned. Constraints N/A Range The value range is 0 to 2,000,000. Default Value The default value is 0.
type	No	String	Definition Vulnerability type to be queried. Constraints N/A Range linux_vul: Linux vulnerability windows_vul: windows vulnerability web_cms: Web-CMS vulnerability app_vul: application vulnerability urgent_vul: emergency vulnerability Default Value linux_vul: Linux vulnerability
vul_name	No	String	Definition Vulnerability name. Constraints N/A Range The value can contain 0 to 256 characters. Default Value N/A
handle_status	No	String	Definition Vulnerability handling status. Constraints N/A Range unhandled handled Default Value N/A
status	No	String	Definition Vulnerability status. Constraints N/A Range vul_status_unfix: not handled vul_status_ignored: ignored vul_status_verified: verification in progress vul_status_fixing: fixing vul_status_fixed: fixed vul_status_reboot: fixed and pending restart vul_status_failed: fix failed vul_status_fix_after_reboot: Restart the server and try again. Default Value N/A
repair_priority	No	String	Definition Vulnerability fixing priority. Constraints N/A Range Critical High Medium Low Default Value N/A

Request Parameters

**Table 3** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	Definition User token, which contains user identity and permissions. The token can be used for identity authentication when an API is called. For details about how to obtain the token, see Obtaining a User Token. Constraints N/A Range The value can contain 1 to 32,768 characters. Default Value N/A

Response Parameters

Status code: 200

**Table 4** Response body parameters
Parameter	Type	Description
total_num	Long	Definition Total number of vulnerabilities on a server. Range The value range is 0 to 2,147,483,647.
data_list	Array of HostVulInfo objects	Definition List of vulnerabilities on a server. Range The value range is 0 to 2,147,483,647.

**Table 5** HostVulInfo
Parameter	Type	Description
vul_name	String	Definition Vulnerability name. Range The value can contain 0 to 256 characters.
vul_id	String	Definition Vulnerability ID. Range The value can contain 0 to 64 characters.
label_list	Array of strings	Definition Vulnerability tag list. Range The value range is 0 to 2,147,483,647.
repair_necessity	String	Definition Repair urgency. Range immediate_repair: The problem must be rectified as soon as possible. delay_repair: The problem can be fixed later. not_needed_repair: The problem does not need to be fixed.
scan_time	Long	Definition Last scan time. Range The value range is 0 to 9,223,372,036,854,775,807.
type	String	Definition Vulnerability type. Range linux_vul: Linux vulnerability windows_vul: windows vulnerability web_cms: Web-CMS vulnerability app_vul: application vulnerability urgent_vul: emergency vulnerability
app_list	Array of app_list objects	Definition List of software affected by the vulnerability on the server Range The value range is 0 to 2,147,483,647.
severity_level	String	Definition Severity. Range Critical: The CVSS score of the vulnerability is greater than or equal to 9, corresponding to the high risk level on the console. High: The CVSS score of the vulnerability is greater than or equal to 7 and less than 9, corresponding to the medium risk level on the console. Medium: The CVSS score of the vulnerability is greater than or equal to 4 and less than 7, corresponding to the medium risk level on the console. Low: The CVSS score of the vulnerability is less than 4, corresponding to the low risk level on the console.
solution_detail	String	Definition Solution. Range The value can contain 0 to 65,534 characters.
url	String	Definition URL link. Range The value can contain 0 to 2,083 characters.
description	String	Definition Vulnerability description. Range The value can contain 0 to 65,534 characters.
repair_cmd	String	Definition Fix command. Range The value can contain 1 to 256 characters.
status	String	Definition Vulnerability status. Range vul_status_unfix: not handled vul_status_ignored: ignored vul_status_verified: verification in progress vul_status_fixing: fixing vul_status_fixed: fixed vul_status_reboot: fixed and pending restart vul_status_failed: fix failed vul_status_fix_after_reboot: Restart the server and try again.
repair_success_num	Integer	Definition Number of times that the vulnerability has been fixed by HSS on the entire network. Range The minimum value is 0 and the maximum value is 1,000,000.
cve_list	Array of cve_list objects	Definition CVE list. Range Minimum value: 1. Maximum value: 10,000.
is_affect_business	Boolean	Definition Whether services are affected. Range true: Services are affected. false: Services are not affected.
first_scan_time	Long	Definition First scan time. Range The value range is 0 to 9,223,372,036,854,775,807.
app_name	String	Definition Name. Range The value can contain 0 to 256 characters.
app_version	String	Definition Version. Range The value can contain 0 to 256 characters.
app_path	String	Definition Software path. Range The value can contain 0 to 512 characters.
version	String	Definition Server quota. Range The value can contain 0 to 128 characters.
support_restore	Boolean	Definition Whether data can be rolled back to the backup created when the vulnerability is fixed. Range true: Rollback is allowed. false: Rollback is not allowed.
disabled_operate_types	Array of disabled_operate_types objects	Definition List of operations that cannot be performed on a vulnerability. Range Minimum value: 1. Maximum value: 10,000.
repair_priority	String	Definition Fixing priority. Range Critical High Medium Low

**Table 6** app_list
Parameter	Type	Description
app_name	String	Definition Name Range The value can contain 0 to 256 characters.
app_version	String	Definition Version. Range The value can contain 0 to 256 characters.
upgrade_version	String	Definition Version that the software with vulnerability needs to be upgraded to Range The value can contain 0 to 256 characters.
app_path	String	Definition Path of the application software (This field is available only for application vulnerabilities.) Range The value can contain 1 to 512 characters.

**Table 7** cve_list
Parameter	Type	Description
cve_id	String	Definition CVE ID Range The value can contain 1 to 32 characters.
cvss	Float	Definition CVSS score. Range Minimum value: 0; Maximum value: 10

**Table 8** disabled_operate_types
Parameter	Type	Description
operate_type	String	Definition Operation type. Range ignore not_ignore: unignore immediate_repair: fix manual_repair: manual fix verify add_to_whitelist
reason	String	Definition Reason why an operation cannot be performed. Range The value can contain 0 to 512 characters.

Example Requests

Query the first 10 vulnerabilities on the server whose ID is xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.

GET https://{endpoint}/v5/2b31ed520xxxxxxebedb6e57xxxxxxxx/vulnerability/host/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx?offset=0&limit=10

Example Responses

Status code: 200

Request succeeded.

{
  "data_list" : [ {
    "app_list" : [ {
      "app_name" : "Apache Log4j API(Apache Log4j API)",
      "app_version" : "2.8.2",
      "upgrade_version" : "2.8.3",
      "app_path" : "/CloudResetPwdUpdateAgent/lib/log4j-api-2.8.2.jar"
    }, {
      "app_name" : "Apache Log4j Core(Apache Log4j Core)",
      "app_version" : "2.8.2",
      "upgrade_version" : "2.8.3",
      "app_path" : "/CloudResetPwdUpdateAgent/lib/log4j-api-2.8.2.jar"
    } ],
    "app_name" : "Apache Log4j API(Apache Log4j API)",
    "app_path" : "/CloudResetPwdUpdateAgent/lib/log4j-api-2.8.2.jar",
    "app_version" : "2.8.2",
    "cve_list" : [ {
      "cve_id" : "CVE-2021-45046",
      "cvss" : 9
    } ],
    "description" : "It was found that the fix for address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in some non-default configurations. This could allow attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern, leading to information leakage and remote code execution in some environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for the message search mode and disabling the JNDI function by default.",
    "first_scan_time" : 1688956612533,
    "is_affect_business" : true,
    "label_list" : [ ],
    "repair_necessity" : "Critical",
    "scan_time" : 1690469489713,
    "severity_level" : "Critical",
    "repair_cmd" : "yum update tcpdump",
    "solution_detail" : "The official fixing suggestions for this vulnerability have been released. You can click the link to fix the vulnerability according to the suggestions.\nhttps://logging.apache.org/log4j/2.x/security.html\nFor details about the patch for this vulnerability, visit the following website:\nhttps://www.oracle.com/security-alerts/cpujan2022.html\nFor details about unofficial fixing suggestions for this vulnerability, visit the following website:\nhttp://www.openwall.com/lists/oss-security/2021/12/14/4\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\nhttp://www.openwall.com/lists/oss-security/2021/12/15/3\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf\nhttps://www.kb.cert.org/vuls/id/930724\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf\nhttps://www.debian.org/security/2021/dsa-5022\nhttps://www.oracle.com/security-alerts/alert-cve-2021-44228.html\nhttps://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032\nhttp://www.openwall.com/lists/oss-security/2021/12/18/1\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/\nThe vulnerability exploitation/POC of this vulnerability has been exposed. You can verify the vulnerability by referring to the following link:\nhttps://github.com/X1pe0/Log4J-Scan-Win\nhttps://github.com/cckuailong/Log4j_CVE-2021-45046\nhttps://github.com/BobTheShoplifter/CVE-2021-45046-Info\nhttps://github.com/tejas-nagchandi/CVE-2021-45046\nhttps://github.com/pravin-pp/log4j2-CVE-2021-45046\nhttps://github.com/mergebase/log4j-samples\nhttps://github.com/lukepasek/log4jjndilookupremove\nhttps://github.com/ludy-dev/cve-2021-45046\nhttps://github.com/lijiejie/log4j2_vul_local_scanner\nhttps://github.com/CaptanMoss/Log4Shell-Sandbox-Signature\nhttps://github.com/taise-hub/log4j-poc",
    "status" : "vul_status_unfix",
    "type" : "app_vul",
    "url" : "[\"https://www.oracle.com/security-alerts/cpujan2022.html\"]",
    "version" : "hss.version.wtp",
    "vul_id" : "HCVD-APP-CVE-2021-45046",
    "vul_name" : "CVE-2021-45046",
    "repair_success_num" : 3,
    "support_restore" : true,
    "disabled_operate_types" : [ {
      "operate_type" : "immediate_repair",
      "reason" : "The kernel vulnerability of CCE container node cannot be automatically fixed."
    } ]
  } ],
  "total_num" : 31
}

SDK Sample Code

The SDK sample code is as follows.

      
       
         
         
           package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.hss.v5.region.HssRegion;
import com.huaweicloud.sdk.hss.v5.*;
import com.huaweicloud.sdk.hss.v5.model.*;


public class ListHostVulsSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        HssClient client = HssClient.newBuilder()
                .withCredential(auth)
                .withRegion(HssRegion.valueOf("<YOUR REGION>"))
                .build();
        ListHostVulsRequest request = new ListHostVulsRequest();
        request.withHostId("{host_id}");
        try {
            ListHostVulsResponse response = client.listHostVuls(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

          

        

      
     

      
       
         
         
           # coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkhss.v5.region.hss_region import HssRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkhss.v5 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = HssClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(HssRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = ListHostVulsRequest()
        request.host_id = "{host_id}"
        response = client.list_host_vuls(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

          

        

      
     

      
       
         
         
           package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    hss "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := hss.NewHssClient(
        hss.HssClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.ListHostVulsRequest{}
	request.HostId = "{host_id}"
	response, err := client.ListHostVuls(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

          

        

      
     