Vulnerability scan result query interface

Last Updated: Sep 25, 2017

Request parameters

Name Type Required? Description
ItemId String Yes Unique ID of a task.
Language String Yes Localized language information.
Refer to ISO-639 for language code, for example zh, en.
Country String Yes Localized language information.
Refer to ISO-3166 for country code. For example, CN, and US.

Request example

  1. https://jaq.aliyuncs.com/
  2. ?ItemId=b888cd36-a5e4-4103-85d3-5ab0c330a5d3&Format=JSON
  3. &SignatureMethod=HMAC-SHA1
  4. &Country=CN
  5. &Signature=v1EGLkqoOgFmxNCO3DjwQ6qVnpw%3D
  6. &Timestamp=2016-06-05T07%3A50%3A08Z
  7. &Action=GetRiskDetail
  8. &AccessKeyId=accessKeyId
  9. &RegionId=cn-hangzhou
  10. &Language=zh
  11. &SignatureNonce=d98527ea-fe68-4536-aa78-01e5b9e480aa
  12. &Version=2016-04-12
  13. &SignatureVersion=1.0

Returned parameters

NameParent NodeDescription
Data-Returned results.
taskStatusDataTask status. Values:
  • 1: finished
  • 2: processing
  • 3: processing error
  • 4: processing timeout
vuln_infoDataVulnerability information.
statusvuln_infoSub-task status. Values:
  • 1: finished
  • 2: processing
  • 3: processing error
  • 4: processing timeout
vuln_countvuln_infoQuantity of vulnerabilities.
Returned only when the task is completed.
totalvuln_countTotal quantity of vulnerabilities.
highLevelvuln_countQuantity of high-risk vulnerabilities.
lowLevelvuln_countQuantity of low-risk vulnerabilities.
midLevelvuln_countQuantity of medium-risk vulnerabilities.
vulnDetailsvuln_infoList of vulnerability details.
Returned only when the task is completed.
namevulnDetailsVulnerability name.
levelvulnDetailsVulnerability risk level.
The values include high, medium, and low.
countvulnDetailsQuantity of vulnerabilities.
locationsvulnDetailsVulnerability location.
referenctLinkvulnDetailsLink to detailed vulnerability description.
recommendationvulnDetailsRemediation advice.

Return example

JSON format

  1. {
  2. " Data":{
  3. "task_status":1,
  4. "vuln_info":{
  5. "status":1,
  6. "vuln_count":{
  7. "total":20,
  8. "high_level":10,
  9. "mid_level":6,
  10. "low_level":4,
  11. "red_line":7
  12. },
  13. "vuln_details":{
  14. "vuln_detail":[
  15. {
  16. "name": "any file-related read/write vulnerability",
  17. "level":"high",
  18. "count":2,
  19. "locations":{
  20. "string":[
  21. "Lcom\/alibaba\/wireless\/jaq\/vulnerabilities\/VulnOpenFileMode#openFileWriteMode",
  22. "Lcom\/alibaba\/wireless\/jaq\/vulnerabilities\/VulnOpenFileMode#openFileReadMode"
  23. ]
  24. },
  25. "red_line":false,
  26. "referenct_link":"http:\/\/jaq.alibaba.com\/blog.htm?id=58",
  27. "recommendation": "Do not use MODE_WORLD_READABLE and MODE_WORLD_WRITABLE"
  28. }
  29. ]
  30. }
  31. }
  32. }
  33. }

XML format

  1. <GetRiskDetailResponse>
  2. <Data>
  3. <task_status>1</task_status>
  4. <vuln_info>
  5. <status>1</status>
  6. <vuln_count>
  7. <total>20</total>
  8. <high_level>10</high_level>
  9. <mid_level>6</mid_level>
  10. <low_level>4</low_level>
  11. <red_line>7</red_line>
  12. </vuln_count>
  13. <vuln_details>
  14. <vuln_detail>
  15. <name>Any file-related read/write vulnerability</name>
  16. <level>high</level>
  17. <count>2</count>
  18. <locations>
  19. <string>Lcom/alibaba/wireless/jaq/vulnerabilities/VulnOpenFileMode#openFileWriteMode</string>
  20. <string>Lcom/alibaba/wireless/jaq/vulnerabilities/VulnOpenFileMode#openFileReadMode</string>
  21. </locations>
  22. <red_line>false</red_line>
  23. <referenct_link>http://jaq.alibaba.com/blog.htm?id=58</referenct_link>
  24. <recommendation>Do not use MODE_WORLD_READABLE and MODE_WORLD_WRITABLE</recommendation>
  25. </vuln_detail>
  26. </vuln_details>
  27. </vuln_info>
  28. </result>
  29. </GetRiskDetailResponse>

Error codes

Error Code Type Error Message
400 Parameter error Refer to error message.
500 Internal system error Refer to error message.
Thank you! We've received your feedback.