GetProductVulnerability
|
Description |
Will query if product vulnerabilities exist along with severity and related information. |
Required database file: vmod.dat
The json_in parameter must provide the following JSON:
{ "input" : { "method" : 5, "sources": array<string>, "signature" : number, "product_id" : number, "os_type" : number, "version" : string, "os_id": number, "architecture": string, "service_pack": string } }|
Key |
JSON |
Description |
|
method |
number |
The method that is being called. |
|
sources |
array<string> |
(Optional) An array of sources of vulnerability to query from. Allowed values are "CVE", "MSB" and "KB". Default value is "CVE". |
|
signature |
number |
The signature id of the product returned from the detection call. |
|
product_id |
number |
The id of the product returned from the detection call. |
|
os_type |
number |
The type of the operating system. Type 0 means unspecified, type 1 is Windows, 2 is Linux and 4 is MacOS. |
|
version |
string |
The current version of the queried product. |
|
os_id |
number |
(Optional) The identifier of the operating system. Value 0 means unspecified. Its value is retrieved from "os_id" field returned by GetOSInfo function of OESIS 4V. |
|
architecture |
string |
(Optional) The architecture of the operating system. "x64" or "64-bit" for 64-bit and "x86" or "32-bit" for 32-bit. |
|
service_pack |
string |
(Optional) The service pack version of the operating system in format: "sp<major.minor>" or "<major.minor>" (e.g: "sp3.5", "3.5") where "major" and "minor" are retrieved from "service_pack" field returned by GetOSInfo function of OESIS 4V. |
The json_out parameter will contain the following JSON result upon successful call:
{ "has_vulnerability": boolean, "has_kb": boolean, "severity": string, "cves":[ <check below vulnerability json>, ... ], "msbs":[ <check below vulnerability json>, ... ], "kbs":[ <check below vulnerability json>, ... ] }
|
Key |
JSON |
Description |
|
has_vulnerability |
boolean |
Indicates whether any CVE vulnerabilities have been associated with the particular product. |
|
has_kb |
boolean |
Indicates whether any KB or MSB has been associated with the particular product. |
|
severity |
string |
String description of Severity level: 'low', 'moderate', 'important', 'critical', 'unknown'. |
|
cves |
array<object> |
(Optional) A list of vulnerabilities in Common Vulnerability Enumeration (CVE) format. This field only exist if "CVE" source is specified in the input, which is the default option. |
|
msbs |
array<object> |
(Optional) A list of vulnerabilities in Microsoft Security Bulletin (MSB) format. This field only exist if "MSB" source is specified in the input. |
|
kbs |
array<object> |
(Optional) A list of vulnerabilities in Microsoft Knowledge Base format. This field only exist if "KB" source is specified in the input. |
1. CVE
{ "static_id": number, "description": string, "severity_index": number, "severity": string, "cve": string, "details": { "cwe": string, "cpe": string, "published_epoch": number, "last_modified_epoch": number, "security_protection": string, "references": [ { "url": string }, ... ], "resolution": [ { "product_id": number, "product_name" string, "higher_than_version": string }, { "product_id": number, "product_name" string, "advisory_url": string }, { "product_id": number, "product_name" string, "text": string }, ... ], "opswat_products_info": [ { "product": { "id": number, "name": string }, "vendor": { "id": number, "name": string }, "ranges": [ { "start": string, "limit": string }, ... ] }, ... ], "cvss_2_0": { "score": string, "access_vector": string, "access_complexity": string, "authentication": string, "confidentiality_impact": string, "integrity_impact": string, "availability_impact": string, "source": string, "generated_on_epoch": number }, "cvss_3_0": { "impact_score": string, "vector_string": string, "attack_vector": string, "attack_complexity": string, "privileges_required": string, "user_interaction": string, "scope": string, "confidentiality_impact": string, "integrity_impact": string, "availability_impact": string, "base_score": string, "base_severity": string, "exploitability_score": string } }}
|
Key |
JSON |
Description |
|
static_id |
number |
An OPSWAT identifier for the vulnerability. |
|
severity |
string |
String description of Severity level: 'low', 'moderate', 'important', 'critical', 'unknown'. |
|
severity_index |
number |
An OPSWAT-assigned 100 point scale numerical description of Severity level with 100 being greatest and 0 being unknown. |
|
description |
string |
A text description of the specific vulnerability. |
|
cve |
string |
A CVE identification string. |
|
details |
object |
A set of optional vulnerability details. |
|
details.cwe |
string |
A CWE group identification string. |
|
details.cpe |
string |
A CPE product reference. |
|
details.published_epoch |
number |
An epoch timestamp indicating source publishing time. |
|
details.last_modified_epoch |
number |
An epoch timestamp indicating source last update time. |
|
details.references |
array<object> |
An array of external reference links and their related information. |
|
details.references.url |
string |
A reference URL. |
|
details.security_protection |
string |
A security protection descriptor. |
|
details.cvss_2_0 |
object |
A set of CVSS 2.0 severity information. |
|
details.cvss_2_0.score |
string |
A CVSS 2.0 10-point severity score. |
|
details.cvss_2_0.access_vector |
string |
A CVSS 2.0 access vector descriptor. |
|
details.cvss_2_0.access_complexity |
string |
A CVSS 2.0 access complexity descriptor. |
|
details.cvss_2_0.authentication |
string |
A CVSS 2.0 authentication descriptor. |
|
details.cvss_2_0.confidentiality_impact |
string |
A CVSS 2.0 confidentiality impact descriptor. |
|
details.cvss_2_0.integrity_impact |
string |
A CVSS 2.0 integrity impact descriptor. |
|
details.cvss_2_0.availability_impact |
string |
A CVSS 2.0 availability impact descriptor. |
|
details.cvss_2_0.source |
string |
A CVSS 2.0 source descriptor. |
|
details.cvss_2_0.generated_on_epoch |
number |
The timestamp the CVSS 2.0 was generated. |
|
details.cvss_3_0 |
object |
A set of CVSS 3.0 severity information. |
|
details.cvss_3_0.impact_score |
string |
A CVSS 3.0 impact score. |
|
details.cvss_3_0.vector_string |
string |
A CVSS 3.0 vector string. |
|
details.cvss_3_0.attack_vector |
string |
A CVSS 3.0 attack vector. |
|
details.cvss_3_0.attack_complexity |
string |
A CVSS 3.0 attack complexity descriptor. |
|
details.cvss_3_0.privileges_required |
string |
A CVSS 3.0 privileges descriptor. |
|
details.cvss_3_0.user_interaction |
string |
A CVSS 3.0 user interaction descriptor. |
|
details.cvss_3_0.scope |
string |
A CVSS 3.0 scope. |
|
details.cvss_3_0.confidentiality_impact |
string |
A CVSS 3.0 confidentiality impact. |
|
details.cvss_3_0.integrity_impact |
string |
A CVSS 3.0 integrity impact. |
|
details.cvss_3_0.availability_impact |
string |
A CVSS 3.0 availability impact. |
|
details.cvss_3_0.base_score |
string |
A CVSS 3.0 base score. |
|
details.cvss_3_0.base_severity |
string |
A CVSS 3.0 base severity descriptor. |
|
details.cvss_3_0.exploitability_score |
string |
A CVSS 3.0 exploitability score. |
|
details.opswat_products_info |
array<object> |
An array of OPSWAT detectable products relating to the vulnerability. |
|
details.opswat_products_info.product |
object |
Description of a product relating to the vulnerability. |
|
details.opswat_products_info.product.id |
number |
Product identification. |
|
details.opswat_products_info.product.name |
string |
Product name. |
|
details.opswat_products_info.vendor |
object |
Description of the vendor of the product. |
|
details.opswat_products_info.vendor.id |
number |
Vendor identification. |
|
details.opswat_products_info.vendor.name |
string |
Vendor name. |
|
details.opswat_products_info.ranges |
array<object> |
An array of product's version ranges that are related to the vulnerability |
|
details.opswat_products_info.ranges.start |
string |
The first version of the range. |
|
details.opswat_products_info.ranges.limit |
string |
The final version of the range, inclusively. |
|
details.resolution |
array<object> |
An array of recommendations to patch the vulnerability. |
|
details.resolution.product_id |
number |
(Optional) The identifier of the queried product or a product related to this vulnerability. |
|
details.resolution.product_name |
string |
(Optional) The name of the queried product or a product related to this vulnerability. |
|
details.resolution.text |
string |
(Optional) Recommendation for the vulnerability in plain text. |
|
details.resolution.advisory_url |
string |
(Optional) URL to the advisory webpage of the vulnerability. |
|
details.resolution.higher_than_version |
string |
(Optional) Define a version that the product should update to a newer one to patch the vulnerability. |
2. MSB (old Microsoft Security Bulletin)
{ "static_id": number, "msb_id": string, "kb_id": number, "description": string, "severity_index": number, "severity": string, "details": { "published_epoch": number, "cves": [ string, ... ], "patch_resolution": { "kb_id": number, "url": string }, "supersedes": [ { "kb_id": number, "msb_id": string }, ... ] }}|
Key |
JSON |
Description |
|
static_id |
number |
An OPSWAT identifier for the vulnerability. |
|
severity |
string |
String description of Severity level: 'low', 'moderate', 'important', 'critical', 'unknown'. |
|
severity_index |
number |
A 5 point scale numerical description of Severity level with 5 being greatest and 0 being unknown. |
|
description |
string |
A text description of the specific vulnerability. |
|
msb_id |
string |
Identifier of the MSB. |
|
kb_id |
number |
Knowledgebase identifier of the MSB. |
|
details |
object |
A set of optional vulnerability details. |
|
details.published_epoch |
number |
An epoch timestamp indicating source publishing time. |
|
details.cves |
array<string> |
A list of Common Vulnerabilities and Exposures (CVE) identifiers associated with the MSB. |
|
details.patch_resolution.kb_id |
number |
Knowledgebase identifier of the security patch for this vulnerability. |
|
details.patch_resolution.url |
string |
The URL to the detail information of the security patch. |
|
details.supersedes |
array<object> |
A list of MSBs that were replaced by this MSB. |
|
details.supersedes.kb_id |
number |
Knowledgebase identifier of a MSB that was replaced by this MSB. |
|
details.supersedes.msb_id |
string |
Identifier of a MSB that was replaced by this MSB. |
3. KB (new Microsoft Security Update Guide)
{ "static_id": number, "kb_id": number, "description": string, "severity_index": number, "severity": string, "details": { "type": string, "search_url": string, "detail_url": string, "affected_products": [ { "severity": string, "severity_index": number, "advisory_url": string, "published_epoch": number, "impact": string, "product": string, "platform": string, "cve": string, }, ... ] }}|
Key |
JSON |
Description |
|
static_id |
number |
An OPSWAT identifier for the vulnerability. |
|
kb_id |
number |
Knowledgebase identifier of the vulnerability. |
|
severity |
string |
String description of Severity level: 'low', 'moderate', 'important', 'critical', 'unknown'. |
|
severity_index |
number |
A 5 point scale numerical description of Severity level with 5 being greatest and 0 being unknown. |
|
description |
string |
A text description of the specific vulnerability. |
|
details |
object |
A set of additional vulnerability details. |
|
details.type |
string |
Type of the KB. |
|
details.search_url |
string |
Search URL of the vulnerability. |
|
details.detail_url |
string |
URL to vulnerability's detail information. |
|
details.affected_products |
array<object> |
Array of information of products affected by the vulnerability. |
|
details.affected_products.severity_index |
number |
A 5 point scale numerical description of Severity level with 5 being greatest and 0 being unknown. |
|
details.affected_products.severity |
string |
String description of Severity level: 'low', 'moderate', 'important', 'critical', 'unknown'. |
|
details.affected_products.advisory_url |
string |
URL to the advisory webpage of the vulnerability. |
|
details.affected_products.published_epoch |
number |
An epoch timestamp indicating source publishing time. |
|
details.affected_products.impact |
string |
Description of the impact of the vulnerability on the product. |
|
details.affected_products.product |
string |
Name of the product affected by the vulnerability. |
|
details.affected_products.platform |
string |
(Optional) Name of the platform the affected product run on. |
|
details.affected_products.cve |
string |
(Optional) Identifier of the CVE corresponding to the vulnerability. |