创建漏洞扫描任务
功能介绍
创建漏洞扫描任务
调用方法
请参见如何调用API。
URI
POST /v5/{project_id}/vulnerability/scan-task
参数 |
是否必选 |
参数类型 |
描述 |
|---|---|---|---|
project_id |
是 |
String |
项目ID 最小长度:20 最大长度:64 |
参数 |
是否必选 |
参数类型 |
描述 |
|---|---|---|---|
enterprise_project_id |
否 |
String |
租户企业项目ID 最小长度:0 最大长度:64 |
请求参数
参数 |
是否必选 |
参数类型 |
描述 |
|---|---|---|---|
X-Auth-Token |
是 |
String |
用户Token。 通过调用IAM服务获取用户Token接口获取(响应消息头中X-Subject-Token的值) 最小长度:32 最大长度:2097152 |
参数 |
是否必选 |
参数类型 |
描述 |
|---|---|---|---|
manual_scan_type |
否 |
Array of strings |
操作类型,包含如下: -linux_vul : linux漏洞 -windows_vul : windows漏洞 -web_cms : Web-CMS漏洞 -app_vul : 应用漏洞 -urgent_vul : 应急漏洞 数组长度:1 - 200 |
batch_flag |
否 |
Boolean |
是否是批量操作,为true时扫描所有支持的主机 |
range_type |
否 |
String |
扫描主机的范围,包含如下: -all_host : 扫描全部主机,此类型不需要填写agent_id_list -specific_host : 扫描指定主机 最小长度:0 最大长度:32 |
agent_id_list |
否 |
Array of strings |
主机列表 最小长度:0 最大长度:32 数组长度:1 - 200 |
urgent_vul_id_list |
否 |
Array of strings |
扫描的应急漏洞id列表,若为空则扫描所有应急漏洞 包含如下: "URGENT-CVE-2023-46604 Apache ActiveMQ远程代码执行漏洞" "URGENT-HSSVD-2020-1109 Elasticsearch 未授权访问漏洞" "URGENT-CVE-2022-26134 Atlassian Confluence OGNL 远程代码执行漏洞(CVE-2022-26134)" "URGENT-CVE-2023-22515 Atlassian Confluence Data Center and Server 权限提升漏洞(CVE-2023-22515)" "URGENT-CVE-2023-22518 Atlassian Confluence Data Center & Server 授权机制不恰当漏洞(CVE-2023-22518)" "URGENT-CVE-2023-28432 MinIO 信息泄露漏洞(CVE-2023-28432)" "URGENT-CVE-2023-37582 Apache RocketMQ 远程代码执行漏洞(CVE-2023-37582)" "URGENT-CVE-2023-33246 Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246)" "URGENT-CNVD-2023-02709 禅道项目管理系统远程命令执行漏洞(CNVD-2023-02709)" "URGENT-CVE-2022-36804 Atlassian Bitbucket Server 和 Data Center 命令注入漏洞(CVE-2022-36804)" "URGENT-CVE-2022-22965 Spring Framework JDK >= 9 远程代码执行漏洞" "URGENT-CVE-2022-25845 fastjson <1.2.83 远程代码执行漏洞" "URGENT-CVE-2019-14439 Jackson-databind远程命令执行漏洞(CVE-2019-14439)" "URGENT-CVE-2020-13933 Apache Shiro身份验证绕过漏洞(CVE-2020-13933)" "URGENT-CVE-2020-26217 XStream < 1.4.14 远程代码执行漏洞(CVE-2020-26217)" "URGENT-CVE-2021-4034 Linux Polkit 权限提升漏洞预警(CVE-2021-4034)" "URGENT-CVE-2021-44228 Apache Log4j2 远程代码执行漏洞(CVE-2021-44228、CVE-2021-45046)" "URGENT-CVE-2022-0847 Dirty Pipe - Linux 内核本地提权漏洞(CVE-2022-0847)" 最小长度:0 最大长度:32 数组长度:1 - 200 |
响应参数
状态码: 200
参数 |
参数类型 |
描述 |
|---|---|---|
task_id |
String |
检测任务id 最小长度:0 最大长度:32 |
请求示例
创建agent_id为0253edfd-30e7-439d-8f3f-17c54c997064,检测漏洞Id列表为urgent_vul_id_list的应急漏洞检测任务
POST https://{endpoint}/v5/{project_id}/vulnerability/scan-task?enterprise_project_id=XXX
{
"manual_scan_type" : "urgent_vul",
"batch_flag" : false,
"range_type" : "specific_host",
"agent_id_list" : [ "0253edfd-30e7-439d-8f3f-17c54c997064" ],
"urgent_vul_id_list" : [ "URGENT-CVE-2023-46604", "URGENT-HSSVD-2020-1109", "URGENT-CVE-2022-26134", "URGENT-CVE-2023-22515", "URGENT-CVE-2023-22518", "URGENT-CVE-2023-28432", "URGENT-CVE-2023-37582", "URGENT-CVE-2023-33246", "URGENT-CNVD-2023-02709", "URGENT-CVE-2022-36804", "URGENT-CVE-2022-22965", "URGENT-CVE-2022-25845", "URGENT-CVE-2019-14439", "URGENT-CVE-2020-13933", "URGENT-CVE-2020-26217", "URGENT-CVE-2021-4034", "URGENT-CVE-2021-44228", "URGENT-CVE-2022-0847" ]
}
响应示例
状态码: 200
手动检测漏洞成功
{
"task_id" : "d8a12cf7-6a43-4cd6-92b4-aabf1e917"
}
SDK代码示例
SDK代码示例如下。
创建agent_id为0253edfd-30e7-439d-8f3f-17c54c997064,检测漏洞Id列表为urgent_vul_id_list的应急漏洞检测任务
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.hss.v5.region.HssRegion; import com.huaweicloud.sdk.hss.v5.*; import com.huaweicloud.sdk.hss.v5.model.*; import java.util.List; import java.util.ArrayList; public class CreateVulnerabilityScanTaskSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); HssClient client = HssClient.newBuilder() .withCredential(auth) .withRegion(HssRegion.valueOf("<YOUR REGION>")) .build(); CreateVulnerabilityScanTaskRequest request = new CreateVulnerabilityScanTaskRequest(); request.withEnterpriseProjectId("<enterprise_project_id>"); ManualVulScanRequestInfo body = new ManualVulScanRequestInfo(); List<String> listbodyUrgentVulIdList = new ArrayList<>(); listbodyUrgentVulIdList.add("URGENT-CVE-2023-46604"); listbodyUrgentVulIdList.add("URGENT-HSSVD-2020-1109"); listbodyUrgentVulIdList.add("URGENT-CVE-2022-26134"); listbodyUrgentVulIdList.add("URGENT-CVE-2023-22515"); listbodyUrgentVulIdList.add("URGENT-CVE-2023-22518"); listbodyUrgentVulIdList.add("URGENT-CVE-2023-28432"); listbodyUrgentVulIdList.add("URGENT-CVE-2023-37582"); listbodyUrgentVulIdList.add("URGENT-CVE-2023-33246"); listbodyUrgentVulIdList.add("URGENT-CNVD-2023-02709"); listbodyUrgentVulIdList.add("URGENT-CVE-2022-36804"); listbodyUrgentVulIdList.add("URGENT-CVE-2022-22965"); listbodyUrgentVulIdList.add("URGENT-CVE-2022-25845"); listbodyUrgentVulIdList.add("URGENT-CVE-2019-14439"); listbodyUrgentVulIdList.add("URGENT-CVE-2020-13933"); listbodyUrgentVulIdList.add("URGENT-CVE-2020-26217"); listbodyUrgentVulIdList.add("URGENT-CVE-2021-4034"); listbodyUrgentVulIdList.add("URGENT-CVE-2021-44228"); listbodyUrgentVulIdList.add("URGENT-CVE-2022-0847"); List<String> listbodyAgentIdList = new ArrayList<>(); listbodyAgentIdList.add("0253edfd-30e7-439d-8f3f-17c54c997064"); body.withUrgentVulIdList(listbodyUrgentVulIdList); body.withAgentIdList(listbodyAgentIdList); body.withRangeType("specific_host"); body.withBatchFlag(false); request.withBody(body); try { CreateVulnerabilityScanTaskResponse response = client.createVulnerabilityScanTask(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
创建agent_id为0253edfd-30e7-439d-8f3f-17c54c997064,检测漏洞Id列表为urgent_vul_id_list的应急漏洞检测任务
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkhss.v5.region.hss_region import HssRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkhss.v5 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] credentials = BasicCredentials(ak, sk) client = HssClient.new_builder() \ .with_credentials(credentials) \ .with_region(HssRegion.value_of("<YOUR REGION>")) \ .build() try: request = CreateVulnerabilityScanTaskRequest() request.enterprise_project_id = "<enterprise_project_id>" listUrgentVulIdListbody = [ "URGENT-CVE-2023-46604", "URGENT-HSSVD-2020-1109", "URGENT-CVE-2022-26134", "URGENT-CVE-2023-22515", "URGENT-CVE-2023-22518", "URGENT-CVE-2023-28432", "URGENT-CVE-2023-37582", "URGENT-CVE-2023-33246", "URGENT-CNVD-2023-02709", "URGENT-CVE-2022-36804", "URGENT-CVE-2022-22965", "URGENT-CVE-2022-25845", "URGENT-CVE-2019-14439", "URGENT-CVE-2020-13933", "URGENT-CVE-2020-26217", "URGENT-CVE-2021-4034", "URGENT-CVE-2021-44228", "URGENT-CVE-2022-0847" ] listAgentIdListbody = [ "0253edfd-30e7-439d-8f3f-17c54c997064" ] request.body = ManualVulScanRequestInfo( urgent_vul_id_list=listUrgentVulIdListbody, agent_id_list=listAgentIdListbody, range_type="specific_host", batch_flag=False ) response = client.create_vulnerability_scan_task(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
创建agent_id为0253edfd-30e7-439d-8f3f-17c54c997064,检测漏洞Id列表为urgent_vul_id_list的应急漏洞检测任务
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" hss "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). Build() client := hss.NewHssClient( hss.HssClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.CreateVulnerabilityScanTaskRequest{} enterpriseProjectIdRequest:= "<enterprise_project_id>" request.EnterpriseProjectId = &enterpriseProjectIdRequest var listUrgentVulIdListbody = []string{ "URGENT-CVE-2023-46604", "URGENT-HSSVD-2020-1109", "URGENT-CVE-2022-26134", "URGENT-CVE-2023-22515", "URGENT-CVE-2023-22518", "URGENT-CVE-2023-28432", "URGENT-CVE-2023-37582", "URGENT-CVE-2023-33246", "URGENT-CNVD-2023-02709", "URGENT-CVE-2022-36804", "URGENT-CVE-2022-22965", "URGENT-CVE-2022-25845", "URGENT-CVE-2019-14439", "URGENT-CVE-2020-13933", "URGENT-CVE-2020-26217", "URGENT-CVE-2021-4034", "URGENT-CVE-2021-44228", "URGENT-CVE-2022-0847", } var listAgentIdListbody = []string{ "0253edfd-30e7-439d-8f3f-17c54c997064", } rangeTypeManualVulScanRequestInfo:= "specific_host" batchFlagManualVulScanRequestInfo:= false request.Body = &model.ManualVulScanRequestInfo{ UrgentVulIdList: &listUrgentVulIdListbody, AgentIdList: &listAgentIdListbody, RangeType: &rangeTypeManualVulScanRequestInfo, BatchFlag: &batchFlagManualVulScanRequestInfo, } response, err := client.CreateVulnerabilityScanTask(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。
状态码
状态码 |
描述 |
|---|---|
200 |
手动检测漏洞成功 |
错误码
请参见错误码。
