All Products
Search
Document Center

Security Center:DescribeVulList

Last Updated:Mar 21, 2023

Queries vulnerabilities by type.

Authorization information

There is currently no authorization information disclosed in the API.

Request parameters

ParameterTypeRequiredDescriptionExample
LangstringNo

The language of the content within the request and response. Default value: zh. Valid values:

  • zh: Chinese
  • en: English
zh
RemarkstringNo

The remarks for the asset affected by the vulnerability. The value can be the private IP address, public IP address, or name of the asset.

1.2.XX.XX
GroupIdstringNo

The ID of the asset group.

NoteYou can call the DescribeAllGroups operation to query the IDs of asset groups.
9207613
TypestringYes

The type of the vulnerability. Valid values:

  • cve: Linux software vulnerability
  • sys: Windows system vulnerability
  • cms: Web-CMS vulnerability
  • app: application vulnerability that is detected by using web scanner
  • emg: urgent vulnerability
  • sca: application vulnerability that is detected by using software component analysis
cve
UuidsstringNo

The UUIDs of the servers on which you want to query the vulnerabilities. Separate multiple UUIDs with commas (,).

1587bedb-fdb4-48c4-9330-****
NamestringNo

The alias of the vulnerability.

oval:com.redhat.rhsa:def:20172836
AliasNamestringNo

The name of the vulnerability.

RHSA-2019:0230-Important: polkit security update
NecessitystringNo

The priority to fix the vulnerability. Separate multiple priorities with commas (,). Valid values:

  • asap: high
  • later: medium
  • nntf: low
asap,later,nntf
DealedstringNo

Specifies whether the vulnerabilities are fixed. Valid values:

  • y: yes
  • n: no
n
CurrentPageintegerNo

The number of the page to return. Default value: 1.

1
PageSizeintegerNo

The number of entries to return on each page. Default value: 10.

20
AttachTypesstringNo

The additional type of the vulnerabilities. You need to specify this parameter when you query application vulnerabilities. Set the value to sca. If you set Type to app, you must specify this parameter.

NoteIf you set this parameter to sca, application vulnerabilities and the vulnerabilities that are detected based on software component analysis are queried. If you do not specify this parameter, only application vulnerabilities are queried.
sca
VpcInstanceIdsstringNo

The IDs of the virtual private clouds (VPCs) in which the vulnerability is detected. Separate multiple IDs with commas (,).

ins-133****,ins-5414****

Response parameters

ParameterTypeDescriptionExample
object
CurrentPageinteger

The page number of the returned page.

1
RequestIdstring

The ID of the request, which is used to locate and troubleshoot issues.

2F26AB2A-1075-488F-8472-40E5DB486ACC
PageSizeinteger

The number of entries returned per page.

20
TotalCountinteger

The total number of vulnerabilities returned.

2
VulRecordsarray

An array that consists of the details about the vulnerability.

object
Statusinteger

The status of the vulnerability. Valid values:

  • 1: unfixed
  • 2: fix failed
  • 3: rollback failed
  • 4: fixing
  • 5: being rolled back
  • 6: being verified
  • 7: fixed
  • 8: fixed and to be restarted
  • 9: rolled back
  • 10: ignored
  • 11: rolled back and to be restarted
  • 12: not found
  • 20: expired
1
Typestring

The type of the vulnerability. Valid values:

  • cve: Linux software vulnerability
  • sys: Windows system vulnerability
  • cms: Web-CMS vulnerability
  • emg: urgent vulnerability
  • app: application vulnerability
  • sca: application vulnerability that is detected by using software component analysis
cve
ModifyTslong

The timestamp when the vulnerability status was modified. Unit: milliseconds.

1620404763000
InternetIpstring

The public IP address of the asset.

1.2.XX.XX
PrimaryIdlong

The ID of the vulnerability.

101162078
Tagstring

The tag that is added to the vulnerability.

oval
InstanceNamestring

The name of the asset.

testInstance
Onlineboolean

Indicates whether the Security Center agent on the asset is online. Valid values:

  • true: yes
  • false: no
true
OsVersionstring

The name of the operating system for your asset.

linux
Namestring

The name of the vulnerability.

oval:com.redhat.rhsa:def:20170574
ResultCodestring

The code that indicates the vulnerability fixing result.

0
InstanceIdstring

The instance ID of the asset.

i-bp18t***
Relatedstring

The Common Vulnerabilities and Exposures (CVE) IDs related to the vulnerability. Multiple CVE IDs are separated by commas (,).

CVE-2017-7518,CVE-2017-12188
IntranetIpstring

The private IP address of the asset.

1.2.XX.XX
LastTslong

The timestamp when the vulnerability was last detected. Unit: milliseconds.

1620404763000
FirstTslong

The timestamp when the vulnerability was first detected. Unit: milliseconds.

1554189334000
RegionIdstring

The ID of the region in which the server resides.

cn-hangzhou
Necessitystring

The priority to fix the vulnerability. Valid values:

  • asap: high
  • later: medium
  • nntf: low
NoteWe recommend that you fix the vulnerabilities that have the high priority at the earliest opportunity.
asap
RepairTslong

The timestamp when the vulnerability was fixed. Unit: milliseconds.

1541207563000
Uuidstring

The UUID of the asset.

04c56617-23fc-43a5-ab9b-****
GroupIdinteger

The ID of the asset group.

281801
ResultMessagestring

The message that indicates the vulnerability fixing result.

timeout
AliasNamestring

The name of the vulnerability.

RHSA-2019:0230-Important: polkit security update
ExtendContentJsonobject

The extended information about the vulnerability.

Statusstring

The status of the vulnerability. Valid values:

  • 1: unfixed
  • 2: fix failed
  • 3: rollback failed
  • 4: fixing
  • 5: being rolled back
  • 6: being verified
  • 7: fixed
  • 8: fixed and to be restarted
  • 9: rolled back
  • 10: ignored
  • 11: rolled back and to be restarted
  • 12: not found
  • 20: expired
1
Ipstring

The public IP address of the asset that is associated with the vulnerability.

1.2.XX.XX
PrimaryIdlong

The ID of the vulnerability.

111
Osstring

The name of the operating system.

centos
Tagstring

The tag that is added to the vulnerability.

oval
LastTslong

The timestamp when the vulnerability was last detected. Unit: milliseconds.

1620404763000
Descriptionstring

The description of the vulnerability.

kernel version:5.10.84-10.2.al8.x86_64
OsReleasestring

The release of the operating system.

7
AliasNamestring

The alias of the vulnerability.

RHSA-2019:0230-Important: polkit security update
AbsolutePathstring

The package path of the software that has the vulnerability.

/roo/www/web
RpmEntityListarray

The RPM Package Manager (RPM) packages.

object
FullVersionstring

The complete version number.

3.10.0-693.2.2.el7
Versionstring

The package version number of the software that has the vulnerability.

3.10.0
MatchDetailstring

The reason why the vulnerability is detected.

python-perf version less than 0:3.10.0-693.21.1.el7
ImageNamestring

The name of the image.

registry_387ytb_xxx
Pathstring

The path of the software that has the vulnerability.

/usr/lib64/python2.7/site-packages
ContainerNamestring

The name of the container.

k8s_67895c4_xxx
Namestring

The name of the RPM package.

python-perf
UpdateCmdstring

The command that is used to fix the vulnerability.

*** update python-perf
MatchListarray

The rule that is used to detect the vulnerability.

string

The rule that is used to detect the vulnerability.

fastjson(jar) extendField.safemode equals false
Pidstring

The process ID.

8664
cveListarray

The CVE list.

string

The CVE list.

CVE-2016-8610
Necessityobject

Indicates whether the vulnerability needs to be fixed.

Statusstring

The status of the score of urgency to fix a vulnerability. Valid values:

  • none: No score is generated.
  • pending: The score is pending calculation.
  • normal: The calculation is normal.
normal
Time_factorstring

The time score.

1.0
Enviroment_factorstring

The environment score.

1.0
Is_calcstring

Indicates whether the score of urgency to fix a vulnerability is calculated. Valid values:

  • 0: no
  • 1: yes
1
Total_scorestring

The score of urgency to fix a vulnerability.

The following list describes scores and related fixing suggestions:

  • If the score is from 13.5 to 15, the vulnerability is a high-risk vulnerability. You must fix the vulnerability at the earliest opportunity.
  • If the score is greater than or equal to 7 but less than 13.5, the vulnerability is a medium-risk vulnerability. You can fix the vulnerability at your convenience.
  • If the score is less than 7, the vulnerability is a low-risk vulnerability. You can ignore the vulnerability.
7.8
Cvss_factorstring

The Common Vulnerability Scoring System (CVSS) score.

7.8
Assets_factorstring

The asset importance score. Valid values:

  • 2: an important asset
  • 1: a common asset
  • 0: a test asset
1
Bindboolean

Indicates whether Security Center is authorized to protect the asset. Valid values:

  • true: yes
  • false: no
true
OsNamestring

The name of the operating system for your asset.

CentOS 7.2 64-bit
AuthVersionstring

The edition of Security Center that is authorized to protect the asset. Valid values:

  • 1: Basic edition
  • 6: Anti-virus edition
  • 5: Advanced edition
  • 3: Enterprise edition
  • 7: Ultimate edition
  • 10: Value-added Plan edition
3

Examples

Sample success responses

JSONformat

{
  "CurrentPage": 1,
  "RequestId": "2F26AB2A-1075-488F-8472-40E5DB486ACC",
  "PageSize": 20,
  "TotalCount": 2,
  "VulRecords": [
    {
      "Status": 1,
      "Type": "cve",
      "ModifyTs": 1620404763000,
      "InternetIp": "1.2.XX.XX",
      "PrimaryId": 101162078,
      "Tag": "oval",
      "InstanceName": "testInstance",
      "Online": true,
      "OsVersion": "linux",
      "Name": "oval:com.redhat.rhsa:def:20170574",
      "ResultCode": "0",
      "InstanceId": "i-bp18t***",
      "Related": "CVE-2017-7518,CVE-2017-12188",
      "IntranetIp": "1.2.XX.XX",
      "LastTs": 1620404763000,
      "FirstTs": 1554189334000,
      "RegionId": "cn-hangzhou",
      "Necessity": "asap",
      "RepairTs": 1541207563000,
      "Uuid": "04c56617-23fc-43a5-ab9b-****",
      "GroupId": 281801,
      "ResultMessage": "timeout",
      "AliasName": "RHSA-2019:0230-Important: polkit security update",
      "ExtendContentJson": {
        "Status": "1",
        "Ip": "1.2.XX.XX",
        "PrimaryId": 111,
        "Os": "centos",
        "Tag": "oval",
        "LastTs": 1620404763000,
        "Description": "kernel version:5.10.84-10.2.al8.x86_64",
        "OsRelease": "7",
        "AliasName": "RHSA-2019:0230-Important: polkit security update",
        "AbsolutePath": "/roo/www/web",
        "RpmEntityList": [
          {
            "FullVersion": "3.10.0-693.2.2.el7",
            "Version": "3.10.0",
            "MatchDetail": "python-perf version less than 0:3.10.0-693.21.1.el7",
            "ImageName": "registry_387ytb_xxx",
            "Path": "/usr/lib64/python2.7/site-packages",
            "ContainerName": "k8s_67895c4_xxx",
            "Name": "python-perf",
            "UpdateCmd": "*** update python-perf",
            "MatchList": [
              "fastjson(jar) extendField.safemode equals false"
            ],
            "Pid": "8664"
          }
        ],
        "cveList": [
          "CVE-2016-8610"
        ],
        "Necessity": {
          "Status": "normal",
          "Time_factor": "1.0",
          "Enviroment_factor": "1.0",
          "Is_calc": "1",
          "Total_score": "7.8",
          "Cvss_factor": "7.8",
          "Assets_factor": "1"
        }
      },
      "Bind": true,
      "OsName": "CentOS 7.2 64-bit\n",
      "AuthVersion": "3"
    }
  ]
}

Error codes

HTTP status codeError codeError messageDescription
400NoPermissionno permission-
400InnerErrorInnerError-
400IllegalParamIllegal param-
400DataNotExists%s data not exist-
403NoPermissioncaller has no permissionYou are not authorized to do this operation.
500ServerErrorServerError-

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2022-06-20The error codes of the API operation change.,The input parameters of the API operation change.
Change itemChange content
Error CodesThe error codes of the API operation change.
    delete Error Codes: 400
Input ParametersThe input parameters of the API operation change.
    Added Input Parameters: Name