Vulnerabilities affecting the installed base can be retrieved via the REST API using the vulnerabilities endpoint.
Follow along with our Postman Collection
To access the requests associated with the Vulnerability endpoint, click on the Vulnerability data folder in our Postman collection.
Retrieve the full vulnerabilities list
Retrieves all vulnerabilities that affect the installed base, as listed in WORKFLOWS/CVE/List.
Request:
API Request
Python
Request:
GET ot-base/api/v1/vulnerabilities/
import requests
# Enter your hostname (for example: myserver.com or 127.0.0.1) between the quotes.
hostname = 'enterHostnameOrIP'
# Replace username and password with your username and password credentials.
auth=('username', 'password')
url = 'https://'+hostname+'/ot-base/api/v1/vulnerabilities/'
response = requests.get(url,auth=auth)
print(response.status_code)
print(response.text)
Reducing the scope by CVE priority
You can reduce the result set to CVEs of a particular priority with the priority keyword, followed by critical, high, medium, low, or combinations thereof. When filtering for multiple priority levels, separate the different values by comma.
Request:
API Request
Python
Request:
GET ot-base/api/v1/vulnerabilities/
import requests
# Enter your hostname (for example: myserver.com or 127.0.0.1) between the quotes.
hostname = 'enterHostnameOrIP'
# Replace username and password with your username and password credentials.
auth=('username', 'password')
url = 'https://'+hostname+'/ot-base/api/v1/vulnerabilities/'
# Replace enterPriority with either one or multiple values (separated by a comma) ['critical', 'high', 'medium', 'low']
params = { 'priority': 'enterPriority'}
response = requests.get(url,auth=auth)
print(response.status_code)
print(response.text)
Reducing the scope by location
You can reduce the result set to vulnerabilities related to a specific location with the locationid keyword, followed by the location ID of the desired location.
Request:
API Request
Python
Request:
GET ot-base/api/v1/vulnerabilities?locationid=locationID
import requests
# Enter your hostname (for example: myserver.com or 127.0.0.1) between the quotes.
hostname = 'enterHostnameOrIP'
# Replace username and password with your username and password credentials.
auth=('username', 'password')
url = 'https://'+hostname+'/ot-base/api/v1/vulnerabilities/'
# Replace enterLocationID with a location id defined in Asset Center and between the qoutes.
params = { 'locationid': 'enterLocationID'}
response = requests.get(url,auth=auth)
print(response.status_code)
print(response.text)
Retrieve data for a particular vulnerability
Retrieves data for a particular vulnerability is identified as a sub-resource, using its Common Vulnerability Enumerator (CVE).
Request:
API Request
Python
Request:
GET ot-base/api/v1/vulnerabilities/cveID
import requests
# Enter your hostname (for example: myserver.com or 127.0.0.1) between the quotes.
hostname = 'enterHostnameOrIP'
# Replace username and password with your username and password credentials.
auth=('username', 'password')
# Replace enterCVEid with a cve id defined in Asset Center.
cveID = 'enterCVEid'
url = 'https://'+hostname+'/ot-base/api/v1/vulnerabilities/'+cveID
response = requests.get(url,auth=auth)
print(response.status_code)
print(response.text)
Update data for a particular vulnerability
Endpoint to update data for a specific CVE with a specified device Id. Only the deviceId field is mandatory.
Request:
API Request
POST ot-base/api/v1/vulnerabilities/cveID
{
"deviceId": matching device id to your specific CVE (mandatory)
"fixed": 0 / 1 (0 = not fixed, 1 = fixed)
"comment": your comment,
"riskScore": your riskscore,
"relevant": 0 / 1 (0 = not relevant, 1 = relevant)
}
Comments
0 comments
Please sign in to leave a comment.