GetMissingPatches

Description

Will verify installed patches for OS against known patches. The function only works with Windows Patches

Required database file: vmod.dat

The json_in parameter must provide the following JSON:

{
     "input" :
     {
         "method" : 8,
"name" : string,
"version" : string,
"architecture" : string,
"service_pack" : string,
"os_type" : number,
"os_id" : number,
 "installed_patches" : array<string>
      }
}

Key

JSON

Description

method

number

The method that is being called.
#define WA_OFFLINE_VMOD_V4_GET_SYSTEM_VULNERABILITIES 8

name

string

The operating system name.

version

string

The operating system version in this format: 'major.minor.buildNo'.

architecture

string

(Optional) The architecture of the operating system. "x64" or "64-bit" for 64-bit and "x86" or "32-bit" for 32-bit.

service_pack

string

(Optional) The service pack version of the operating system in format: "sp<major.minor>" or "<major.minor>" (e.g: "sp3.5", "3.5") where "major" and "minor" are retrieved from "service_pack" field returned by GetOSInfo function of OESIS 4V.

os_type

number

The operating system type: 1 - Windows, 2 - Linux, 4 - Mac.

os_id

number

The operating system id.

installed_patches

array<string>

(Optional) The id list of installed OS patches in string format. Default value is an empty list.

The json_out parameter will contain the following JSON result upon successful call:

{
"has_kb": boolean,
"severity": string,
"missing_patches": [{
"kb_id": number,
"severity_index": number,
"severity": string,
"search_url": string,
"detail_url": string,
"details": [{
"severity": string,
"severity_index": number,
"advisory_url": string,
"published_datetime": string,
"impact": string,
"product": string
},
...]
},
...]
}

Key

JSON

Description

has_kb

boolean

Indicates whether any KB has been associated with the queried OS due to missing patches.

severity

string

String description of Severity level: 'low', 'moderate', 'important', 'critical', 'unknown'.

missing_patches

array<object>

A list of missing OS patches.

kb_id

number

Indicates the id of the Microsoft KnowledgeBase.

severity_index

number

A 5 point scale numerical description of Severity level with 5 being greatest and 0 being unknown.

severity

string

String description of Severity level: 'low', 'moderate', 'important', 'critical', 'unknown'.

search_url

string

Represent an url for searching the respective KB.

detail_url

string

Represents the url for more details regarding the KB.

details

object

An object for KB details (CVEs that it contains).

details.severity

string

String description of Severity level: 'low', 'moderate', 'important', 'critical', 'unknown'.

details.severity_index

number

A 5 point scale numerical description of Severity level with 5 being greatest and 0 being unknown.

details.advisory_url

string

URL for security updates regarding the CVE.

details.published_datetime

string

The date at which it was published.

details.impact

string

String description of impact level: 'low', 'moderate', 'important', 'critical', 'unknown'.

details.product

string

String representing which product is affected.