Fetch Vulnerabilities Associated with a List - Bulk API
Fetches a list of vulnerabilities associated with a list. Use this API when the number of vulnerabilities is large.
Input ParametersInput Parameters
| Parameter | Mandatory/Optional | Data Type | Description |
|---|---|---|---|
| listId | Mandatory | string | Specify the ID/UUID of the list. |
| filter | Optional | string |
Filter vulnerabilities by providing a query using Qualys syntax. Refer to the “How to Search” topic in the online help for assistance with creating your query. |
| pageSize | Optional | integer |
The number of records per page to be included in the response. The default value is 50. |
| nextPage | Optional | integer | Specify the next page query to fetch the results of the next page. Use the value from the previous response. |
Sample: Fetch Vulnerabilities Associated with a ListSample: Fetch Vulnerabilities Associated with a List
API Request
curl -X "GET"
"<qualys_base_url>/csapi/v1.3/list/2862fff9-6b49-453f-bb66-112a5f26c3c2/vulns/list?pageSize=50"
-H "accept: application/json"
-H "Authorization: Bearer <token>"Response
{
"data": [
{
"description": {
"EN": "Tenable virtual appliances deliver power, deployment speed and all around ease of use by virtually eliminating installation, configuration and maintenance problems.<P>\nThe Tenable Appliance contain several vulnerabilities. One exists in the underlying operating system kernel, two in the Appliance web interface, and multiple issues in bundled applications.<P>\nAffected Versions:<BR>\nTenable Appliance versions 3.4.0, 3.5.0, 3.5.1, 3.10.0, 3.10.1, 4.0.0, 4.1.0, 4.2.0, 4.3.0, 4.3.1, 4.4.0 are affected.\n<P>\n\nQID Detection Logic (Unauthenticated):<BR>\nThis QID sends a crafted HTTP request on TCP port 8000 and checks for the system response."
},
"consequence": {
"EN": "Successful exploitation of these vulnerabilities could allow an attacker to take control of the affected system."
},
"solution": {
"EN": "Customers are advised to refer to <A HREF=\"http://www.tenable.com/security/tns-2017-07\" TARGET=\"_blank\">tns-2017-07</A> for updates pertaining to this vulnerability."
},
"discoveryTypes": [
"REMOTE"
],
"published": 1495534216000,
"updated": 1689717601000,
"types": [
"VULNERABILITY"
],
"severity": 4,
"risk": 40,
"flags": [
"REMOTE",
"PCI_RELATED"
],
"category": "CGI",
"typeDetected": "CONFIRMED",
"authTypes": [],
"patches": [
642244
],
"vulnPatch": {
"patchAvailable": true,
"patchReleaseDate": 1488844800000,
"vendorSeverity": "High",
"patches": [
{
"id": 642244,
"advisoryID": "Tenable Appliance 4.5.0 or later version",
"lastModified": 1493766004000,
"link": "https://www.tenable.com/products/tenable-virtual-appliances#tos",
"rebootDetails": "Conditional",
"rebootRequired": 2
}
]
},
"qid": 11802,
"exploits": [
{
"name": "Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free (PoC) - The Exploit-DB Ref : 41457",
"insertDate": 1488202773000,
"firstSeen": 1488067200000,
"link": "http://www.exploit-db.com/exploits/41457",
"reference": "CVE-2017-6074",
"vendor": {
"name": "The Exploit-DB",
"link": "http://www.exploit-db.com"
}
},
{
"name": "Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free Privilege Escalation - The Exploit-DB Ref : 41458",
"insertDate": 1488202774000,
"firstSeen": 1488067200000,
"link": "http://www.exploit-db.com/exploits/41458",
"reference": "CVE-2017-6074",
"vendor": {
"name": "The Exploit-DB",
"link": "http://www.exploit-db.com"
}
},
{
"name": "Tenable Appliance < 4.5 - Unauthenticated Root Remote Code Execution",
"insertDate": 1493790371000,
"link": "https://www.exploit-db.com/exploits/41892/",
"reference": "CVE-2017-8051",
"vendor": {
"name": "Qualys",
"link": "http://www.qualys.com"
}
},
{
"name": "Tenable Appliance < 4.5 - Root Remote Code Execution - The Exploit-DB Ref : 41892",
"insertDate": 1495551120000,
"firstSeen": 1492473600000,
"link": "http://www.exploit-db.com/exploits/41892",
"reference": "CVE-2017-8051",
"vendor": {
"name": "The Exploit-DB",
"link": "http://www.exploit-db.com"
}
},
{
"name": "Linux Kernel DCCP_PKT_REQUEST Privilege Escalation Exploit - Core Security Category : Exploits/Local",
"insertDate": 1498763575000,
"reference": "CVE-2017-6074",
"vendor": {
"name": "Core Security",
"link": "http://www.coresecurity.com"
}
},
{
"name": "Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free (PoC)",
"insertDate": 1685336402000,
"firstSeen": 1488067200000,
"link": "https://www.exploit-db.com/exploits/41457",
"reference": "CVE-2017-6074",
"vendor": {
"name": "exploitdb"
}
},
{
"name": "Linux Kernel DCCP_PKT_REQUEST Privilege Escalation Exploit",
"insertDate": 1685336402000,
"firstSeen": 1498694400000,
"link": "https://www.coresecurity.com/core-labs/exploits",
"reference": "CVE-2017-6074",
"vendor": {
"name": "coreimpact"
}
},
{
"name": "Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free Privilege Escalation",
"insertDate": 1685336402000,
"firstSeen": 1488067200000,
"link": "https://www.exploit-db.com/exploits/41458",
"reference": "CVE-2017-6074",
"vendor": {
"name": "exploitdb"
}
},
{
"name": "Linux Kernel 4.4.0 Ubuntu DCCP Double-Free Privilege Escalation",
"insertDate": 1685336402000,
"firstSeen": 1488153600000,
"link": "https://packetstormsecurity.com/files/141331/Linux-Kernel-4.4.0-Ubuntu-DCCP-Double-Free-Privilege-Escalation.html",
"reference": "CVE-2017-6074",
"vendor": {
"name": "packetstorm"
}
},
{
"name": "Linux Kernel 4.4.0 Ubuntu DCCP Double-Free Crash",
"insertDate": 1685336402000,
"firstSeen": 1488153600000,
"link": "https://packetstormsecurity.com/files/141339/Linux-Kernel-4.4.0-Ubuntu-DCCP-Double-Free-Crash.html",
"reference": "CVE-2017-6074",
"vendor": {
"name": "packetstorm"
}
},
{
"name": "Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free PoC Exploit",
"insertDate": 1685336402000,
"firstSeen": 1488067200000,
"link": "https://0day.today/exploit/27133",
"reference": "CVE-2017-6074",
"vendor": {
"name": "0day.today"
}
},
{
"name": "Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free Privilege Escalation Exploit",
"insertDate": 1685336402000,
"firstSeen": 1488067200000,
"link": "https://0day.today/exploit/27134",
"reference": "CVE-2017-6074",
"vendor": {
"name": "0day.today"
}
},
{
"name": "Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI. Through the manipulation of the tns_appliance_session_user parameter, a remote attacker can inject arbitrary commands.",
"insertDate": 1685404802000,
"firstSeen": 1492732800000,
"link": "https://www.exploit-db.com/exploits/41892/",
"reference": "CVE-2017-8051",
"vendor": {
"name": "nvd"
}
},
{
"name": "Tenable Appliance < 4.5 - Root Remote Code Execution",
"insertDate": 1685404802000,
"firstSeen": 1492473600000,
"link": "https://www.exploit-db.com/exploits/41892",
"reference": "CVE-2017-8051",
"vendor": {
"name": "exploitdb"
}
},
{
"name": "toanthang1842002/CVE-2017-6074 exploit repository",
"insertDate": 1689717601000,
"firstSeen": 1689379200000,
"link": "https://github.com/toanthang1842002/CVE-2017-6074",
"reference": "CVE-2017-6074",
"vendor": {
"name": "github-exploits"
}
}
],
"threatIntel": {
"activeAttacks": true,
"publicExploit": true,
"highLateralMovement": true,
"easyExploit": true,
"highDataLoss": true,
"denialOfService": true,
"malware": true,
"publicExploitNames": [
"Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free (PoC) - The Exploit-DB Ref : 41457",
"Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free Privilege Escalation - The Exploit-DB Ref : 41458",
"Tenable Appliance < 4.5 - Root Remote Code Execution - The Exploit-DB Ref : 41892",
"Linux Kernel DCCP_PKT_REQUEST Privilege Escalation Exploit - Core Security Category : Exploits/Local"
],
"malwareNames": [
"CVE-2017-6074",
"CVE-2017-7308"
],
"exploitKitNames": []
},
"malwares": [
{
"name": "CVE-2017-6074",
"platform": "Linux",
"type": "Exploit",
"firstSeen": 1532048192000,
"vendor": {
"name": "ReversingLabs",
"link": "https://www.reversinglabs.com"
}
},
{
"name": "CVE-2017-7308",
"platform": "Linux",
"type": "Exploit",
"firstSeen": 1610837068000,
"vendor": {
"name": "ReversingLabs",
"link": "https://www.reversinglabs.com"
}
}
],
"title": "Tenable Appliance Multiple Security Vulnerabilities",
"patchAvailable": true,
"cveIds": [
"CVE-2017-6074",
"CVE-2017-6543",
"CVE-2017-8050",
"CVE-2017-8051"
],
"vendorRefs": [
"tns-2017-07"
],
"vendorRefDetails": [
{
"vendorRef": "tns-2017-07",
"url": "http://www.tenable.com/security/tns-2017-07",
"urlID": 33459,
"lastModified": 1493766006000
}
],
"bugTraqIds": [
"96310",
"96418"
],
"cvssInfo": {
"baseScore": "10",
"temporalScore": "8.3",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "9.1"
},
"compliances": [],
"supportedBy": [
"VM"
],
"vendors": [
{
"vendorName": "linux",
"productName": "linux_kernel"
},
{
"vendorName": "tenable",
"productName": "nessus"
},
{
"vendorName": "tenable",
"productName": "appliance"
}
],
"qidProperties": [
"ap",
"noa",
"pci",
"lpt",
"os"
]
},
...
],
"count": 50,
"nextPage": [
"988179"
]
}