GetBulkProductsAndDirectVulnerabilities
Description |
Will query both products' vulnerabilities and some other vulnerabilities directly with no duplication between them, along with severity and related information. |
Required database file: vmod.dat
The json_in parameter must provide the following JSON:
{
"input"
:
{
"method"
:
9
,
"sources"
: array<string>,
"static_ids"
: array<number>,
"products_info"
: [
{
"product_id"
: number,
"versions"
: [
string,
...
]
},
...
],
"os_type"
: number,
"os_id"
: number,
"architecture"
: string,
"service_pack"
: string
}
}
Key |
JSON |
Description |
method |
number |
The method that is being called. |
sources |
array<string> |
(Optional) An array of sources of vulnerability to query from. Allowed values are "CVE", "MSB" and "KB". Default value is "CVE". |
static_ids |
array<number> |
(Optional) The ids of static feeds containing vulnerabilities in database. |
products_info |
array<object> |
The array of products' information to query vulnerability. |
products_info.product_id |
number |
The id of the product returned from the detection call. |
products_info.versions |
array<string> |
The array of versions of a product to query vulnerability. |
os_type |
number |
The type of the operating system. Type 0 means unspecified, type 1 is Windows, 2 is Linux and 4 is MacOS. |
os_id |
number |
(Optional) The identifier of the operating system. Value 0 means unspecified. Its value is retrieved from "os_id" field returned by GetOSInfo function of OESIS 4V. |
architecture |
string |
(Optional) The architecture of the operating system. "x64" or "64-bit" for 64-bit and "x86" or "32-bit" for 32-bit. |
service_pack |
string |
(Optional) The service pack version of the operating system in format: "sp<major.minor>" or "<major.minor>" (e.g: "sp3.5", "3.5") where "major" and "minor" are retrieved from "service_pack" field returned by GetOSInfo function of OESIS 4V. |
The json_out is the same with GetProductVulnerability json output