Import vulnerability data
Use the following request methods to import vulnerability data into ASMS, or delete data previously imported.
Import specific vulnerability data
The importVulnerabilityKb
method enables you to import specific vulnerability data, as opposed to all data from a specific host.
Note: You must use this API before using the hosts API.
Resource name: /ms-vulnerabilities/v1/api/import/kbs
Request method: POST
Request body:
Element | Description |
---|---|
deleteOldImportedData
|
Boolean. Determine whether to fist delete older imported data. |
vulnerabilityKbs
|
An array of vulnerability KBs. Each object includes:
|
Response parameters:
Element | Description |
---|---|
status
|
Describes the response status, including the following elements:
|
Note: Vulnerabilities with a CVSS score of 0 are not supported and fail the validation.
Import specific vulnerability data request example
{ "deleteOldImportedData": false, "vulnerabilityKbs": [ { "cvssScore": 7.5, "description": "ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.", "kbId": "openssh-x11-cookie-auth-bypass", "summary": "OpenSSH X11 Cookie Local Authentication Bypass Vulnerability", "cves": [ "CVE-9990" ] } ] }
Import specific vulnerability data response example
{ "status": null "type": null "msg": "Vulnerability KBs saved successfully" "success": true "error": null, "data": {}, "files": null } Errors: a failure status with the reasons or the application labels new representation 403 (forbidden) - user doesn't have admin permission to use the micro service API. 400 (bad request) - Input validation failures.
Import vulnerabilities from hosts
The importVulnerabilityHosts
method allows you to import vulnerability data from specified scanners, defined in the API as host servers.
Note: Before using this API, you must call the kbs API.
Resource name: /ms-vulnerabilities/v1/api/import/hosts
Request method: POST
Request body:
A list of vulnerability hosts, as detailed by the following elements.
Element | Description |
---|---|
ip
|
String. The IP address of the host. Mandatory. |
kbId
|
String. The string ID of a specific KB. This must be a KB that was already imported using the kbs API, and have the same ID. Mandatory. |
date
|
Number. The UNIX date and time stamp in milliseconds that the KB was identified on the host. Optional. Default is the current date and time. |
Response parameters:
Element | Description |
---|---|
status
|
Describes the response status, including the following elements:
|
Note: Vulnerabilities with a CVSS score of 0 are not supported and fail the validation.
Import vulnerability data from hosts request example:
[ { "ip": "10.30.31.25", "kbId": "openssh-x11-cookie-auth-bypass", "date": 1560170116543 } ]
Import vulnerability data from hosts response example
Response: { "status": null "type": null "msg": "Vulnerability Hosts saved successfully" "success": true "error": null, "data": {}, "files": null } Errors: a failure status with the reasons or the application labels new representation 403 (forbidden) - user doesn't have admin permission to use the micro service API. 400 (bad request) - Input validation failures.
Delete imported vulnerability data
The deleteImportedVulnerabilityData
method enables you to delete vulnerability data imported from files.
Resource name: /ms-vulnerabilities/v1/api/import/delete
Request method: DELETE
Request query parameters: None.
Response parameters:
Element | Description |
---|---|
status
|
Describes the response status, including the following elements:
|
Delete imported vulnerability data response example
{ "data": {}, "error": "string", "msg": "string", "status": "string", "success": true, "type": "string" }