Queries the details of urgent vulnerabilities.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes DescribeEmgVulItem

The operation that you want to perform.

Set the value to DescribeEmgVulItem.

Lang String No zh

The natural language of the request and response. Default value: zh. Valid values:

  • zh: Chinese
  • en: English
RiskStatus String No y

The risk status of the vulnerability.

If you do not specify this parameter, all vulnerabilities are queried. Valid values:

  • y: The risk status is Risk.
  • n: The risk status is No risk.
ScanType String No python

The method used to detect the vulnerability.

If you do not specify this parameter, vulnerabilities that are detected by all methods are queried. Valid values:

  • python: The Version method is used. Security Center checks the software versions of your server to detect whether disclosed vulnerabilities exist.
  • scan: The Network Scan method is used. Security Center analyzes the access traffic to your server over the Internet to detect whether vulnerabilities exist on your assets.
VulName String No Oracle WebLogic T3 deserialization zero-day vulnerability

The name of the vulnerability.

CurrentPage Integer No 1

The page number of the current page. Default value: 1.

PageSize Integer No 5

The number of entries to return on each page.

Default value: 5. If you leave this parameter empty, five entries are returned on each page.

Note We recommend that you do not leave this parameter empty.

All Alibaba Cloud API operations must include common request parameters. For more information about common request parameters, see Common parameters.

For more information about sample requests, see the "Examples" section of this topic.

Response parameters

Parameter Type Example Description
CurrentPage Integer 1

The page number of the returned page.

GroupedVulItems Array of GroupedVulItem

The details of the urgent vulnerability.

AliasName String Oracle WebLogic T3 deserialization zero-day vulnerability

The name of the vulnerability.

GmtLastCheck Long 1619286031000

The time when the vulnerability is last detected. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since the epoch time January 1, 1970, 00:00:00 UTC.

GmtPublish Long 1618887687000

The time when the vulnerability is disclosed. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since the epoch time January 1, 1970, 00:00:00 UTC.

Name String scan:AVD-2021-179344

The name of the detection rule.

PendingCount Integer 0

The number of unhandled vulnerabilities.

Progress Integer 50

The progress of the vulnerability detection task. Valid values: 0 to 100.

Note This parameter takes effect only when an urgent vulnerability is being detected.
Status Integer 30

The detection status of the vulnerability. Valid values:

  • 10: The vulnerability is not detected.
  • 20: The vulnerability is being detected.
  • 30: The vulnerability detection is complete.
Type String scan

The method used to detect the vulnerability. Valid values:

  • python: The Version method is used. Security Center checks the software versions of your server to detect whether disclosed vulnerabilities exist.
  • scan: The Network Scan method is used. Security Center analyzes the access traffic to your server over the Internet to detect whether vulnerabilities exist on your assets.
PageSize Integer 5

The number of entries returned per page.

RequestId String BC1868ED-A0E1-4D1C-BF7E-10DC0C34B3C3

The ID of the request.

TotalCount Integer 116

The total number of urgent vulnerabilities.

Examples

Sample requests

http(s)://[Endpoint]/?Action=DescribeEmgVulItem
&<Common request parameters>

Sample success responses

XML format

<DescribeEmgVulItemResponse>
      <TotalCount>116</TotalCount>
      <RequestId>BC1868ED-A0E1-4D1C-BF7E-10DC0C34B3C3</RequestId>
      <PageSize>5</PageSize>
      <CurrentPage>1</CurrentPage>
      <GroupedVulItems>
            <PendingCount>0</PendingCount>
            <Status>30</Status>
            <Type>scan</Type>
            <AliasName>Oracle WebLogic T3 deserialization zero-day vulnerability</AliasName>
            <GmtPublish>1618887687000</GmtPublish>
            <GmtLastCheck>1619286031000</GmtLastCheck>
            <Name>scan:AVD-2021-179344</Name>
      </GroupedVulItems>
      <GroupedVulItems>
            <PendingCount>0</PendingCount>
            <Status>30</Status>
            <Type>scan</Type>
            <AliasName>Apache Solr SSRF (CVE-2021-27905)</AliasName>
            <GmtPublish>1618317507000</GmtPublish>
            <GmtLastCheck>1619285732000</GmtLastCheck>
            <Name>scan:AVD-2021-27905</Name>
      </GroupedVulItems>
      <GroupedVulItems>
            <PendingCount>0</PendingCount>
            <Status>30</Status>
            <Type>scan</Type>
            <AliasName>ClusterEngine V4.0 sysShell remote command execution vulnerability</AliasName>
            <GmtPublish>1618305858000</GmtPublish>
            <GmtLastCheck>1619285432000</GmtLastCheck>
            <Name>scan:AVD-2021-176478</Name>
      </GroupedVulItems>
      <GroupedVulItems>
            <PendingCount>0</PendingCount>
            <Status>30</Status>
            <Type>scan</Type>
            <AliasName>Default weak password vulnerability in Kingsoft V8.0 terminal security system</AliasName>
            <GmtPublish>1618305819000</GmtPublish>
            <GmtLastCheck>1619285132000</GmtLastCheck>
            <Name>scan:AVD-2021-176479</Name>
      </GroupedVulItems>
      <GroupedVulItems>
            <PendingCount>0</PendingCount>
            <Status>30</Status>
            <Type>scan</Type>
            <AliasName>SonarQube API unauthorized access vulnerability</AliasName>
            <GmtPublish>1618305776000</GmtPublish>
            <GmtLastCheck>1619284832000</GmtLastCheck>
            <Name>scan:AVD-2020-27986</Name>
      </GroupedVulItems>
</DescribeEmgVulItemResponse>

JSON format

{
    "TotalCount": 116,
    "RequestId": "BC1868ED-A0E1-4D1C-BF7E-10DC0C34B3C3",
    "PageSize": 5,
    "CurrentPage": 1,
    "GroupedVulItems": [
        {
            "PendingCount": 0,
            "Status": 30,
            "Type": "scan",
            "AliasName": "Oracle WebLogic T3 deserialization zero-day vulnerability",
            "GmtPublish": 1618887687000,
            "GmtLastCheck": 1619286031000,
            "Name": "scan:AVD-2021-179344"
        },
        {
            "PendingCount": 0,
            "Status": 30,
            "Type": "scan",
            "AliasName": "Apache Solr SSRF (CVE-2021-27905)",
            "GmtPublish": 1618317507000,
            "GmtLastCheck": 1619285732000,
            "Name": "scan:AVD-2021-27905"
        },
        {
            "PendingCount": 0,
            "Status": 30,
            "Type": "scan",
            "AliasName": "ClusterEngine V4.0 sysShell remote command execution vulnerability",
            "GmtPublish": 1618305858000,
            "GmtLastCheck": 1619285432000,
            "Name": "scan:AVD-2021-176478"
        },
        {
            "PendingCount": 0,
            "Status": 30,
            "Type": "scan",
            "AliasName": "Default weak password vulnerability in Kingsoft V8.0 terminal security system",
            "GmtPublish": 1618305819000,
            "GmtLastCheck": 1619285132000,
            "Name": "scan:AVD-2021-176479"
        },
        {
            "PendingCount": 0,
            "Status": 30,
            "Type": "scan",
            "AliasName": "SonarQube API unauthorized access vulnerability",
            "GmtPublish": 1618305776000,
            "GmtLastCheck": 1619284832000,
            "Name": "scan:AVD-2020-27986"
        }
    ]
}

Error codes

For a list of error codes, visit the API Error Center.