DescribeVulnerabilityProtectedList - Cloud Firewall - Alibaba Cloud Documentation Center

Retrieves a list of vulnerabilities that Cloud Firewall can protect against.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

No authorization for this operation. If you encounter issues with this operation, contact technical support.

Request parameters

Parameter	Type	Required	Description	Example
SourceIp `deprecated`	string	No	The source IP address of the request.	112.239.XX.XX
Lang	string	No	The language of the content within the response. Valid values: zh (default): Chinese en: English	zh
Lang	string	No	The language of the content within the response. Valid values: zh (default): Chinese en: English	zh
StartTime	string	Yes	The beginning of the time range to query. The value is a UNIX timestamp in seconds.	1655778046
EndTime	string	Yes	The end of the time range to query. The value is a UNIX timestamp in seconds.	1646063922
VulnStatus	string	No	The protection status of the vulnerability. Valid values: partProtected: Partially protected protected: Protected unProtected: Not protected Valid values: protected : protected unProtected : unProtected partProtected : partProtected	protected
VulnCveName	string	No	The CVE ID of the vulnerability.	CVE-2022-2992
AttackType	string	No	The attack type of the vulnerability protection event. Valid values: 1: Abnormal connection 2: Command execution 3: Brute-force attacks 4: Scan 5: Other 6: Information leakage 7: DoS attacks 8: Overflow attack 9: Web attack 10: Trojan back door 11: Virus and worm 12: Mining behavior 13: Reverse shell Note If you do not specify this parameter, all attack types are queried.	13
VulnType	string	No	The type of the vulnerability. Valid values: App: Application vulnerability emg: Emergency vulnerability cms: Web-CMS vulnerability	emg
VulnLevel	string	No	The risk level of the vulnerability. Valid values: high: High medium: Medium low: Low	medium
CurrentPage	string	No	The page number. Default value: 1.	1
PageSize	string	No	The number of entries per page. Maximum value: 50.	10
SortKey	string	No	The sort key. Set the value to attackCnt to sort by the number of attacks.	attackCnt
Order	string	No	The sort order. Valid values: asc: Ascending. desc (default): Descending.	desc
VulnResource	string	No	The number of assets affected by the vulnerability.	1
UserType	string	No	The user type. Set the value to buy, which indicates a paid user.	buy
BuyVersion	integer	No	The edition of Cloud Firewall. For pay-as-you-go editions, set the value to 10. You do not need to specify this parameter for other editions.	10
MemberUid	string	No	The UID of the member account.	258039427902****
RuleTag	string	No	The tag of the vulnerability. Valid value: AI: AI-related vulnerabilities	AI

Response elements

Element	Type	Description	Example
	object	The response to the DescribeVulnerabilityProtectedList request.
RequestId	string	The ID of the request.	D355C631-1537-59C5-A56E-F6C5037B99E5
TotalCount	integer	The total number of vulnerabilities that Cloud Firewall has detected.	5
ZeroResourceCount	integer	The number of vulnerabilities that affect zero assets.	1
VulnList	array<object>	The details of the vulnerabilities.
	array<object>	The details of the vulnerability.
VulnName	string	The name of the vulnerability.	fastjson <= 1.2.80 反序列化任意代码执行漏洞
AttackType	integer	The attack type of the vulnerability protection event. Valid values: 1: Abnormal connection 2: Command execution 3: Brute-force attacks 4: Scan 5: Other 6: Information leakage 7: DoS attacks 8: Overflow attack 9: Web attack 10: Trojan back door 11: Virus and worm 12: Mining behavior 13: Reverse shell	13
NeedRuleClass	integer	The level of the rule class that you need to enable. Valid values: 1 (default): Loose 2: Medium 3: Strict	1
VulnType	string	The type of the vulnerability. Valid values: emg: Emergency vulnerability webcms: Web-CMS vulnerability app: Application vulnerability	emg
VulnKey	string	The key of the vulnerability.	dedecms-archive.helper.php-vul
VulnLevel	string	The risk level of the vulnerability. Valid values: high: High medium: Medium low: Low	high
NeedOpenBasicRule	boolean	The status of the basic protection rule for the vulnerability. Valid values: true: Enabled false: Disabled Note If this parameter is set to true, you must set the action of the basic protection rule to Block for one-click protection.	false
CveId	string	The CVE IDs.	12112131123, 1231123112
FirstTime	integer	The time when the first attack occurred.	1608687364
BasicRuleIds	string	The ID of the associated rule.	12,12
LastTime	integer	The time of the most recent attack.	1608687364
NeedOpenVirtualPatcheUuids	string	The UUID of the virtual patch rule that you need to change to Block mode.	UUID-1231231234
NeedOpenBasicRuleUuids	string	The UUID of the basic protection rule that you need to change to Block mode.	UUID-1231231
NeedOpenVirtualPatche	boolean	The status of the virtual patch for the vulnerability. Valid values: true: Enabled false: Disabled Note If this parameter is set to true, you must set the action of the virtual patch to Block for one-click protection.	true
VirtualPatcheIds	string	The ID of the associated rule.	13,13
HighlightTag	integer	Indicates whether the vulnerability requires special attention. Valid values: 0: No 1: Yes	0
NeedOpenRunMode	boolean	Indicates whether you need to set the running mode of the threat detection engine for one-click protection. Valid values: true: Yes false: No	true
VulnStatus	string	The protection status of the vulnerability. Valid values: partProtected: Partially protected protected: Protected unProtected: Not protected	protected
AttackCnt	integer	The number of attacks on the vulnerability.	0
ResourceCnt	integer	The number of assets that have the vulnerability.	0
MemberUid	string	The UID of the member account.	119384235299****
ResourceList	array<object>	The list of vulnerable assets.
	object	The vulnerable asset.
ResourceType	string	The type of the asset. Valid values: SLB EIP ECS	EIP
Eip	string	The EIP associated with the instance.	203.107.XX.XX
InternetIp	string	The public IP address of the instance.	47.96.XX.XX
VulnStatus	string	The protection status of the vulnerability. Valid values: partProtected: Partially protected protected: Protected unProtected: Not protected	protected
ResourceId	string	The ID of the instance.	vfw-m5e7dbc4y****
ResourceName	string	The name of the instance.	ECS
IntranetIp	string	The private IP address of the instance.	192.168.XX.XX
RegionId	string	The region ID of the instance. Note For more information about the regions where Cloud Firewall is available, see Supported regions.	cn-beijing
RuleTag	string	The tag of the vulnerability. Valid values: AI : AI-related vulnerabilities	AI

Examples

Success response

JSON format

{
  "RequestId": "D355C631-1537-59C5-A56E-F6C5037B99E5",
  "TotalCount": 5,
  "ZeroResourceCount": 1,
  "VulnList": [
    {
      "VulnName": "fastjson <= 1.2.80 反序列化任意代码执行漏洞",
      "AttackType": 13,
      "NeedRuleClass": 1,
      "VulnType": "emg",
      "VulnKey": "dedecms-archive.helper.php-vul",
      "VulnLevel": "high",
      "NeedOpenBasicRule": false,
      "CveId": "12112131123, 1231123112",
      "FirstTime": 1608687364,
      "BasicRuleIds": "12,12",
      "LastTime": 1608687364,
      "NeedOpenVirtualPatcheUuids": "UUID-1231231234",
      "NeedOpenBasicRuleUuids": "UUID-1231231",
      "NeedOpenVirtualPatche": true,
      "VirtualPatcheIds": "13,13",
      "HighlightTag": 0,
      "NeedOpenRunMode": true,
      "VulnStatus": "protected",
      "AttackCnt": 0,
      "ResourceCnt": 0,
      "MemberUid": "119384235299****",
      "ResourceList": [
        {
          "ResourceType": "EIP",
          "Eip": "203.107.XX.XX",
          "InternetIp": "47.96.XX.XX",
          "VulnStatus": "protected",
          "ResourceId": "vfw-m5e7dbc4y****",
          "ResourceName": "ECS",
          "IntranetIp": "192.168.XX.XX",
          "RegionId": "cn-beijing"
        }
      ],
      "RuleTag": "AI"
    }
  ]
}

Error codes

HTTP status code	Error code	Error message	Description
400	ErrorAliUid	Aliuid invalid.	The aliuid is invalid.
400	ErrorAttackTypeError	attack type invalid.	The specified type is invalid. Select again.
400	ErrorPageNo	Either page number or page size is invalid.	Either page number or page size is invalid.
400	ErrorParameters	A parameter error occurred.	A parameter error occurred.
400	ErrorDBSelectError	A database select error occurred.	The error message returned because an internal error has occurred in querying the database.
400	ErrorMarshalJSON	internal error.	Internal error.

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.