GetProductVulnerability
Description | Queries whether vulnerabilities exist for a product and returns their severity and related information.
Required database file: vmod.dat
The json_in parameter must provide the following JSON:
{
  "input": {
    "method": 5,
    "sources": array<string>,
    "signature": number,
    "product_id": number,
    "os_type": number,
    "version": string,
    "os_id": number,
    "architecture": string,
    "service_pack": string
  }
}
Key | JSON | Description
method | number | The method that is being called.
sources | array<string> | (Optional) An array of sources of vulnerability to query from. Allowed values are "CVE", "MSB" and "KB". Default value is "CVE".
signature | number | The signature id of the product returned from the detection call.
product_id | number | The id of the product returned from the detection call.
os_type | number | The type of the operating system. Type 0 means unspecified, type 1 is Windows, 2 is Linux and 4 is MacOS.
version | string | The current version of the queried product.
os_id | number | (Optional) The identifier of the operating system. Value 0 means unspecified. Its value is retrieved from the "os_id" field returned by the GetOSInfo function of OESIS 4V.
architecture | string | (Optional) The architecture of the operating system. "x64" or "64-bit" for 64-bit and "x86" or "32-bit" for 32-bit.
service_pack | string | (Optional) The service pack version of the operating system in the format "sp<major.minor>" or "<major.minor>" (e.g. "sp3.5", "3.5"), where "major" and "minor" are retrieved from the "service_pack" field returned by the GetOSInfo function of OESIS 4V.
The json_out parameter will contain the following JSON result upon successful call:
{
  "has_vulnerability": boolean,
  "has_kb": boolean,
  "severity": string,
  "cves": [
    <check below vulnerability json>, ...
  ],
  "msbs": [
    <check below vulnerability json>, ...
  ],
  "kbs": [
    <check below vulnerability json>, ...
  ]
}
Key | JSON | Description
has_vulnerability | boolean | Indicates whether any CVE vulnerabilities have been associated with the particular product.
has_kb | boolean | Indicates whether any KB or MSB has been associated with the particular product.
severity | string | String description of Severity level: 'low', 'moderate', 'important', 'critical', 'unknown'.
cves | array<object> | (Optional) A list of vulnerabilities in Common Vulnerabilities and Exposures (CVE) format. This field only exists if the "CVE" source is specified in the input, which is the default option.
msbs | array<object> | (Optional) A list of vulnerabilities in Microsoft Security Bulletin (MSB) format. This field only exists if the "MSB" source is specified in the input.
kbs | array<object> | (Optional) A list of vulnerabilities in Microsoft Knowledge Base format. This field only exists if the "KB" source is specified in the input.
1. CVE
{
  "static_id": number,
  "description": string,
  "severity_index": number,
  "severity": string,
  "cve": string,
  "details": {
    "cwe": string,
    "cpe": string,
    "published_epoch": number,
    "last_modified_epoch": number,
    "security_protection": string,
    "references": [
      {
        "url": string
      },
      ...
    ],
    "resolution": [
      {
        "product_id": number,
        "product_name": string,
        "higher_than_version": string
      },
      {
        "product_id": number,
        "product_name": string,
        "advisory_url": string
      },
      {
        "product_id": number,
        "product_name": string,
        "text": string
      },
      ...
    ],
    "opswat_products_info": [
      {
        "product": {
          "id": number,
          "name": string
        },
        "vendor": {
          "id": number,
          "name": string
        },
        "ranges": [
          {
            "start": string,
            "limit": string
          },
          ...
        ]
      },
      ...
    ],
    "cvss_2_0": {
      "score": string,
      "access_vector": string,
      "access_complexity": string,
      "authentication": string,
      "confidentiality_impact": string,
      "integrity_impact": string,
      "availability_impact": string,
      "source": string,
      "generated_on_epoch": number
    },
    "cvss_3_0": {
      "impact_score": string,
      "vector_string": string,
      "attack_vector": string,
      "attack_complexity": string,
      "privileges_required": string,
      "user_interaction": string,
      "scope": string,
      "confidentiality_impact": string,
      "integrity_impact": string,
      "availability_impact": string,
      "base_score": string,
      "base_severity": string,
      "exploitability_score": string
    }
  }
}
Key | JSON | Description
static_id | number | An OPSWAT identifier for the vulnerability.
severity | string | String description of Severity level: 'low', 'moderate', 'important', 'critical', 'unknown'.
severity_index | number | An OPSWAT-assigned 100-point scale numerical description of Severity level with 100 being greatest and 0 being unknown.
description | string | A text description of the specific vulnerability.
cve | string | A CVE identification string.
details | object | A set of optional vulnerability details.
details.cwe | string | A CWE group identification string.
details.cpe | string | A CPE product reference.
details.published_epoch | number | An epoch timestamp indicating source publishing time.
details.last_modified_epoch | number | An epoch timestamp indicating source last update time.
details.references | array<object> | An array of external reference links and their related information.
details.references.url | string | A reference URL.
details.security_protection | string | A security protection descriptor.
details.cvss_2_0 | object | A set of CVSS 2.0 severity information.
details.cvss_2_0.score | string | A CVSS 2.0 10-point severity score.
details.cvss_2_0.access_vector | string | A CVSS 2.0 access vector descriptor.
details.cvss_2_0.access_complexity | string | A CVSS 2.0 access complexity descriptor.
details.cvss_2_0.authentication | string | A CVSS 2.0 authentication descriptor.
details.cvss_2_0.confidentiality_impact | string | A CVSS 2.0 confidentiality impact descriptor.
details.cvss_2_0.integrity_impact | string | A CVSS 2.0 integrity impact descriptor.
details.cvss_2_0.availability_impact | string | A CVSS 2.0 availability impact descriptor.
details.cvss_2_0.source | string | A CVSS 2.0 source descriptor.
details.cvss_2_0.generated_on_epoch | number | The timestamp at which the CVSS 2.0 information was generated.
details.cvss_3_0 | object | A set of CVSS 3.0 severity information.
details.cvss_3_0.impact_score | string | A CVSS 3.0 impact score.
details.cvss_3_0.vector_string | string | A CVSS 3.0 vector string.
details.cvss_3_0.attack_vector | string | A CVSS 3.0 attack vector.
details.cvss_3_0.attack_complexity | string | A CVSS 3.0 attack complexity descriptor.
details.cvss_3_0.privileges_required | string | A CVSS 3.0 privileges descriptor.
details.cvss_3_0.user_interaction | string | A CVSS 3.0 user interaction descriptor.
details.cvss_3_0.scope | string | A CVSS 3.0 scope.
details.cvss_3_0.confidentiality_impact | string | A CVSS 3.0 confidentiality impact.
details.cvss_3_0.integrity_impact | string | A CVSS 3.0 integrity impact.
details.cvss_3_0.availability_impact | string | A CVSS 3.0 availability impact.
details.cvss_3_0.base_score | string | A CVSS 3.0 base score.
details.cvss_3_0.base_severity | string | A CVSS 3.0 base severity descriptor.
details.cvss_3_0.exploitability_score | string | A CVSS 3.0 exploitability score.
details.opswat_products_info | array<object> | An array of OPSWAT detectable products relating to the vulnerability.
details.opswat_products_info.product | object | Description of a product relating to the vulnerability.
details.opswat_products_info.product.id | number | Product identification.
details.opswat_products_info.product.name | string | Product name.
details.opswat_products_info.vendor | object | Description of the vendor of the product.
details.opswat_products_info.vendor.id | number | Vendor identification.
details.opswat_products_info.vendor.name | string | Vendor name.
details.opswat_products_info.ranges | array<object> | An array of the product's version ranges that are related to the vulnerability.
details.opswat_products_info.ranges.start | string | The first version of the range.
details.opswat_products_info.ranges.limit | string | The final version of the range, inclusive.
details.resolution | array<object> | An array of recommendations to patch the vulnerability.
details.resolution.product_id | number | (Optional) The identifier of the queried product or a product related to this vulnerability.
details.resolution.product_name | string | (Optional) The name of the queried product or a product related to this vulnerability.
details.resolution.text | string | (Optional) Recommendation for the vulnerability in plain text.
details.resolution.advisory_url | string | (Optional) URL to the advisory webpage of the vulnerability.
details.resolution.higher_than_version | string | (Optional) The version above which the product should be updated to patch the vulnerability.
2. MSB (old Microsoft Security Bulletin)
{
  "static_id": number,
  "msb_id": string,
  "kb_id": number,
  "description": string,
  "severity_index": number,
  "severity": string,
  "details": {
    "published_epoch": number,
    "cves": [
      string,
      ...
    ],
    "patch_resolution": {
      "kb_id": number,
      "url": string
    },
    "supersedes": [
      {
        "kb_id": number,
        "msb_id": string
      },
      ...
    ]
  }
}
Key | JSON | Description
static_id | number | An OPSWAT identifier for the vulnerability.
severity | string | String description of Severity level: 'low', 'moderate', 'important', 'critical', 'unknown'.
severity_index | number | A 5-point scale numerical description of Severity level with 5 being greatest and 0 being unknown.
description | string | A text description of the specific vulnerability.
msb_id | string | Identifier of the MSB.
kb_id | number | Knowledgebase identifier of the MSB.
details | object | A set of optional vulnerability details.
details.published_epoch | number | An epoch timestamp indicating source publishing time.
details.cves | array<string> | A list of Common Vulnerabilities and Exposures (CVE) identifiers associated with the MSB.
details.patch_resolution.kb_id | number | Knowledgebase identifier of the security patch for this vulnerability.
details.patch_resolution.url | string | The URL to the detailed information of the security patch.
details.supersedes | array<object> | A list of MSBs that were replaced by this MSB.
details.supersedes.kb_id | number | Knowledgebase identifier of an MSB that was replaced by this MSB.
details.supersedes.msb_id | string | Identifier of an MSB that was replaced by this MSB.
3. KB (new Microsoft Security Update Guide)
{
  "static_id": number,
  "kb_id": number,
  "description": string,
  "severity_index": number,
  "severity": string,
  "details": {
    "type": string,
    "search_url": string,
    "detail_url": string,
    "affected_products": [
      {
        "severity": string,
        "severity_index": number,
        "advisory_url": string,
        "published_epoch": number,
        "impact": string,
        "product": string,
        "platform": string,
        "cve": string
      },
      ...
    ]
  }
}
Key | JSON | Description
static_id | number | An OPSWAT identifier for the vulnerability.
kb_id | number | Knowledgebase identifier of the vulnerability.
severity | string | String description of Severity level: 'low', 'moderate', 'important', 'critical', 'unknown'.
severity_index | number | A 5-point scale numerical description of Severity level with 5 being greatest and 0 being unknown.
description | string | A text description of the specific vulnerability.
details | object | A set of additional vulnerability details.
details.type | string | Type of the KB.
details.search_url | string | Search URL of the vulnerability.
details.detail_url | string | URL to the vulnerability's detailed information.
details.affected_products | array<object> | Array of information about products affected by the vulnerability.
details.affected_products.severity_index | number | A 5-point scale numerical description of Severity level with 5 being greatest and 0 being unknown.
details.affected_products.severity | string | String description of Severity level: 'low', 'moderate', 'important', 'critical', 'unknown'.
details.affected_products.advisory_url | string | URL to the advisory webpage of the vulnerability.
details.affected_products.published_epoch | number | An epoch timestamp indicating source publishing time.
details.affected_products.impact | string | Description of the impact of the vulnerability on the product.
details.affected_products.product | string | Name of the product affected by the vulnerability.
details.affected_products.platform | string | (Optional) Name of the platform the affected product runs on.
details.affected_products.cve | string | (Optional) Identifier of the CVE corresponding to the vulnerability.
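Triage of a json_out result, as an added example (not OPSWAT's code): severity_index is on a 100-point scale for CVE entries and a 5-point scale for MSB and KB entries, so raw values cannot be compared across the three arrays. The helper names, the sample data and the linear rescaling to 0..1 are assumptions of this example.

```python
import json

# Documented severity_index scales: 100-point for "cves", 5-point for "msbs"/"kbs".
SCALE = {"cves": 100, "msbs": 5, "kbs": 5}

def entry_id(kind, e):
    if kind == "cves":
        return e.get("cve", "")
    if kind == "msbs":
        return e.get("msb_id", "")
    return "KB%s" % e.get("kb_id", "")           # display label chosen for this example

def remediation(kind, e):
    d = e.get("details", {})                     # details are optional
    if kind == "cves":                           # a resolution entry has one of three shapes
        keys = ("higher_than_version", "advisory_url", "text")
        return [f"{k}: {r[k]}" for r in d.get("resolution", []) for k in keys if k in r]
    if kind == "msbs":
        url = d.get("patch_resolution", {}).get("url")
    else:
        url = d.get("detail_url")
    return [f"url: {url}"] if url else []

def triage(json_out):
    """Flatten json_out into findings sorted by severity on a common 0..1 scale."""
    result = json.loads(json_out)
    findings = []
    for kind, scale in SCALE.items():
        for e in result.get(kind, []):           # array present only if its source was requested
            findings.append({"id": entry_id(kind, e), "source": kind,
                             "severity": e.get("severity", "unknown"),
                             "rank": e.get("severity_index", 0) / scale,
                             "fix": remediation(kind, e)})
    return sorted(findings, key=lambda f: f["rank"], reverse=True)

# Constructed sample result (placeholder identifiers, not real advisories).
SAMPLE = json.dumps({
    "has_vulnerability": True, "has_kb": True, "severity": "critical",
    "cves": [{"static_id": 1, "cve": "CVE-0000-0001", "severity": "important",
              "severity_index": 70, "description": "constructed",
              "details": {"resolution": [{"product_id": 1, "product_name": "Example",
                                          "higher_than_version": "2.0.1"}]}}],
    "kbs": [{"static_id": 2, "kb_id": 1234567, "severity": "critical",
             "severity_index": 5, "description": "constructed",
             "details": {"detail_url": "https://example.invalid/kb"}}]})

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

In the sample, the KB entry (index 5 of 5) sorts ahead of the CVE entry (index 70 of 100), which a sort on the raw severity_index would get backwards.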