Fetch Vulnerabilities Associated with a List
Fetches vulnerabilities associated with a list.
Input ParametersInput Parameters
| Parameter | Mandatory/Optional | Data Type | Description |
|---|---|---|---|
| listId | Mandatory | string | Specify the ID/UUID of the list. |
| filter | Optional | string |
Filter vulnerabilities by providing a query using Qualys syntax. Refer to the “How to Search” topic in the online help for assistance with creating your query. |
|
pageNumber |
Optional | integer |
The page to be returned. Page numbers start with 1. The default value is 1. |
| pageSize | Optional | integer |
The number of records per page to be included in the response. The default value is 50. |
| sort | Optional | string |
Sort the results using a Qualys token. Refer to the “Sortable tokens” topic in the online help for more information. |
Sample: Fetch Vulnerabilities Associated with a ListSample: Fetch Vulnerabilities Associated with a List
API Request
curl -X "GET"
"<qualys_base_url>/csapi/v1.3/list/64b2b343-6d3c-43ba-8912-97e45de0b460/vulns"
-H "accept: application/json"
-H "Authorization: Bearer <token>"Response
{
"data": [
{
"description": {
"en": "Suse has released security update for mozillafirefox to fix the vulnerabilities.<P>Affected Products:<BR> openSUSE Leap 42.2<BR> openSUSE Leap 42.1<BR> openSUSE 13.2<BR> "
},
"consequence": {
"en": "Successful exploitation allows attacker to compromise the system."
},
"solution": {
"en": "Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.\n<P>\nTo install packages using the command line interface, use the command "yum update".\n<P>\nRefer to Suse security advisory <A HREF=\"http://lists.opensuse.org/opensuse-updates/2016-12/msg00020.html\" TARGET=\"_blank\">openSUSE-SU-2016:2994-1</A> to address this issue and obtain further details."
},
"os": null,
"discoveryTypes": [
"AUTHENTICATED"
],
"published": "1486381417000",
"updated": "1687457302000",
"types": [
"VULNERABILITY"
],
"severity": 4,
"risk": 40,
"flags": [
"UNIX_AUTH",
"PCI_RELATED"
],
"category": "SUSE",
"authTypes": [
"UNIX_AUTH"
],
"patches": [
634478
],
"qid": 169550,
"exploitability": null,
"exploits": [
{
"name": "Firefox SVG Animation Remote Code ExecutionExploit - Core Security Category : Exploits/Client Side",
"insertDate": "1483641145000",
"firstSeen": null,
"link": null,
"reference": "CVE-2016-9079",
"vendor": {
"name": "Core Security",
"link": "http://www.coresecurity.com"
}
},
{
"name": "FirefoxnsSMILTimeContainer::NotifyTimeChange() RCE - Metasploit Ref :/modules/exploit/windows/browser/firefox_smil_uaf",
"insertDate": "1485252459000",
"firstSeen": "1480464000000",
"link": "https://github.com/rapid7/metasploitframework/blob/master//modules/exploits/windows/browser/firefox_smil_uaf.rb",
"reference": "CVE-2016-9079",
"vendor": {
"name": "Metasploit",
"link": "http://www.metasploit.com"
}
}
...
],
"threatIntel": {
"activeAttacks": true,
"zeroDay": null,
"publicExploit": true,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": true,
"exploitKit": null,
"publicExploitNames": [
"Firefox SVG Animation Remote Code Execution Exploit -Core Security Category : Exploits/Client Side",
"Firefox nsSMILTimeContainer::NotifyTimeChange() RCE -Metasploit Ref : /modules/exploit/windows/browser/firefox_smil_uaf",
"Mozilla Firefox < 50.0.2 -'nsSMILTimeContainer::NotifyTimeChange()' Remote Code Execution(Metasploit) - The Exploit-DB Ref : 41151",
"Firefox 50.0.1 - ASM.JS JIT-Spray Remote Code Execution- The Exploit-DB Ref : 42327"
],
"malwareNames": [
"ShellCode",
"WebShell",
"Cryxos",
"CVE-2019-8039",
"CVE-2016-9079",
"ISqrlFX",
"Pdfka",
"CVE-2004-0636",
"CVE-2019-8038",
"Heuristic",
"Pdfjsc",
"Blacole"
],
"exploitKitNames": []
},
"malwares": [
{
"aliases": null,
"name": "ShellCode",
"damage": null,
"distribution": null,
"infections": null,
"link": null,
"platform": "Script",
"rating": null,
"type": "Trojan",
"firstSeen": "1488423480000",
"vendor": {
"name": "ReversingLabs",
"link": "https://www.reversinglabs.com"
}
},
{
"aliases": null,
"name": "WebShell",
"damage": null,
"distribution": null,
"infections": null,
"link": null,
"platform": "Script",
"rating": null,
"type": "Trojan",
"firstSeen": "1524585540000",
"vendor": {
"name": "ReversingLabs",
"link": "https://www.reversinglabs.com"
}
}
...
],
"title": "OpenSuSE Security Update for MozillaFirefox(openSUSE-SU-2016:2994-1)",
"patchAvailable": true,
"cveIds": [
"CVE-2016-9078",
"CVE-2016-9079"
],
"vendorRefs": [
"openSUSE-SU-2016:2994-1"
],
"bugTraqIds": [
"94569",
"94591"
],
"cvssInfo": {
"baseScore": "6.8",
"temporalScore": "5.6",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "8.8",
"temporalScore": "8.2"
},
"sans20Categories": null,
"lists": null,
"compliances": [],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"vendors": [
{
"vendorName": "suse",
"productName": "None"
},
{
"vendorName": "opensuse",
"productName": "None"
}
],
"vendorRefDetails": [
{
"vendorRef": "openSUSE-SU-2016:2994-1",
"url": "http://lists.opensuse.org/opensuseupdates/2016-12/msg00020.html",
"lastModified": "1486124410000"
}
],
"vulnPatch": {
"patchAvailable": true,
"patchReleaseDate": "1480809600000",
"vendorSeverity": "important",
"patches": [
{
"id": 634478,
"advisoryID": "openSUSE-SU-2016:2994-1",
"component": null,
"lastModified": "1486124408000",
"link": "http://lists.opensuse.org/opensuseupdates/2016-12/msg00020.html",
"osSoftware": "OpenSuse",
"rebootDetails": "Conditional",
"rebootRequired": 2,
"subComponent": null
}
]
},
"qidProperties": [
"unx",
"pci",
"ap",
"os"
]
},
],
"count": 52
}