Release 3.3.1.0 API

January 07, 2025

Before reading the API release highlights, refer to the Know Your Qualys API Server URL section to find the API server URL to use in your API requests. In these release notes, the sample API requests use <qualys_base_url> for that URL.

What's New?

Enhanced API - Get List of Vulnerabilities Discovered by EASM Scan

New or Updated API: Updated
API Endpoint: /rest/2.0/search/am/easm/scan/vulns
Method: POST
DTD or XSD changes: Not Applicable

With this release, new parameters are added to the Get List of Vulnerabilities Discovered by EASM Scan API that filter the list of vulnerabilities by specific criteria.

Additionally, for all dates, you can provide a datetime filter as well as a date filter in the API. For example, "lastFoundDate": "2024-10-18T12:04:19.000Z".

Input Parameters

| Parameter | Mandatory/Optional | Data Type | Description |
|---|---|---|---|
| vulnerabilities.status | Optional | String | Provides the current status of the vulnerability. The input values are ACTIVE, NEW, FIXED, REOPENED. |
| vulnerabilities.severity | Optional | Integer | Provides the severity value of the vulnerability. The value ranges from 1 to 5. |
| vulnerabilities.solution | Optional | String | Provides the solution value of the vulnerability. |
| vulnerabilities.title | Optional | String | Provides the title of the vulnerability. |
| vulnerabilities.rti | Optional | String | Provides the Real-Time Threat Indicator (RTI) value. The possible values are Easy_Exploit, No_Patch, Exploit_Public, Active_Attacks, High_Lateral_Movement, High_Data_loss, Denial_of_Service, Malware, Predicted_Hig_Risk, Remote-Code_execution. |
| vulnerabilities.patchReleaseDate | Optional | Date | Provides the patch release date of the vulnerability in the format yyyy-mon-ddThh:mm:ss.000Z. For example, "patchReleaseDate": "2019-02-26T00:00:00.000Z" |

Sample - Get List of Vulnerabilities discovered by EASM Scan (without filter)

API Request

curl --location --request POST \
'<qualys_base_url>/rest/2.0/search/am/easm/scan/vulns' \
--header 'Authorization: Bearer <JWT_Token>' \
--data-raw ''

API Response

{
"responseMessage": "Valid API Access",
"count": 1,
"responseCode": "SUCCESS",
"lastSeenId": 4664,
"hasMore": 0,
"easmVulnerabilityListData": {
"vulnerabilities": [
{
"id": 4664,
"assetID": 55503403,
"qid": 38170,
"port": 443,
"ssl": true,
"found": true,
"ignored": false,
"disabled": false,
"protocol": "TCP",
"lastFoundDate": "2024-10-18T12:04:19.000Z",
"firstFoundDate": "2024-06-12T13:12:04.000Z",
"lastScanned": "2024-10-18T12:04:19.000Z",
"created": "2024-06-12T13:12:04.000Z",
"updated": "2024-10-18T12:04:19.000Z", 
"patchReleaseDate": "2019-02-26T00:00:00.000Z",
"rti": [
"No_Patch"
],
"solution": "Please install a server certificate whose Subject commonName or subjectAltName matches the server FQDN.",
"title": "SSL Certificate - Subject Common Name Does Not Match Server FQDN",
"vulnStatus": "ACTIVE",
"severity": 2
}
]
}
}

Important to Know

The following are the filters and their corresponding operators supported for this API:

  • vulnerabilities.status: IN, EQUALS, NOT_EQUALS
  • vulnerabilities.severity: EQUALS, LESSER, GREATER, GREATER_THAN_EQUAL, LESS_THAN_EQUAL
  • vulnerabilities.solution: CONTAINS
  • vulnerabilities.title: CONTAINS
  • vulnerabilities.rti: EQUALS, NOT_EQUALS
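
The field and operator pairs listed above can be checked on the client before a request is sent, so an unsupported combination fails locally instead of at the API. The following Python is an added example, not Qualys code: the names make_criterion and build_filter_body are hypothetical, and it covers only the five fields in the list above.

```python
import json

# Field -> operators, copied from the "Important to Know" list on this page.
SUPPORTED_OPERATORS = {
    "vulnerabilities.status": {"IN", "EQUALS", "NOT_EQUALS"},
    "vulnerabilities.severity": {"EQUALS", "LESSER", "GREATER",
                                 "GREATER_THAN_EQUAL", "LESS_THAN_EQUAL"},
    "vulnerabilities.solution": {"CONTAINS"},
    "vulnerabilities.title": {"CONTAINS"},
    "vulnerabilities.rti": {"EQUALS", "NOT_EQUALS"},
}
# Allowed values, spelled exactly as the parameter table on this page gives them.
ALLOWED_VALUES = {
    "vulnerabilities.status": {"ACTIVE", "NEW", "FIXED", "REOPENED"},
    "vulnerabilities.rti": {
        "Easy_Exploit", "No_Patch", "Exploit_Public", "Active_Attacks",
        "High_Lateral_Movement", "High_Data_loss", "Denial_of_Service",
        "Malware", "Predicted_Hig_Risk", "Remote-Code_execution",
    },
}

def make_criterion(field, operator, value):
    """Return one filter dict, or raise ValueError for an unsupported combination."""
    operators = SUPPORTED_OPERATORS.get(field)
    if operators is None:
        raise ValueError(f"no operators listed for field {field!r}")
    if operator not in operators:
        raise ValueError(f"{field} supports {sorted(operators)}, not {operator!r}")
    if field == "vulnerabilities.severity":
        # bool is a subclass of int in Python, so reject it explicitly.
        if isinstance(value, bool) or not isinstance(value, int) or not 1 <= value <= 5:
            raise ValueError("severity must be an integer from 1 to 5")
    elif field in ALLOWED_VALUES and operator != "IN":
        if value not in ALLOWED_VALUES[field]:
            raise ValueError(f"{value!r} is not a documented value for {field}")
    elif not isinstance(value, str) or not value.strip():
        # Covers CONTAINS text and IN values; the page does not show how IN
        # values are encoded, so they are only checked for being non-empty.
        raise ValueError("value must be a non-empty string")
    # The JSON sample on this page sends the value as a string ("value": "2").
    return {"field": field, "operator": operator, "value": str(value)}

def build_filter_body(criteria):
    """criteria: iterable of (field, operator, value); returns the JSON request body."""
    return json.dumps({"filters": [make_criterion(*c) for c in criteria]}, indent=2)
```
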

Sample - Get List of Vulnerabilities discovered by EASM Scan (with filter in XML format)

API Request

curl --location --request POST \
'<qualys_base_url>/rest/2.0/search/am/easm/scan/vulns' \
--header 'Authorization: Bearer <JWT_Token>' \
--header 'Content-Type: application/xml' \
--data '<?xml version="1.0" encoding="UTF-8"?>
<FilterRequest>
<filters>
<criteria>
<field>vulnerabilities.severity</field>
<operator>EQUALS</operator>
<value>2</value>
</criteria>
</filters>
</FilterRequest>'

API Response

{
"responseMessage": "Valid API Access",
"count": 736,
"responseCode": "SUCCESS",
"lastSeenId": 102100,
"hasMore": 0,
"easmVulnerabilityListData": {
"vulnerabilities": [
{
"id": 4662,
"assetID": 55503403,
"qid": 38173,
"port": 443,
"ssl": true,
"found": true,
"ignored": false,
"disabled": false,
"protocol": "TCP",
"lastFoundDate": "2024-10-18T12:04:19.000Z",
"firstFoundDate": "2024-06-12T13:12:04.000Z",
"lastScanned": "2024-10-18T12:04:19.000Z",
"created": "2024-06-12T13:12:04.000Z",
"updated": "2024-10-18T12:04:19.000Z",
"patchReleaseDate": "2019-02-26T00:00:00.000Z",
"rti": [
"Easy_Exploit",
"No_Patch"
],
"solution": "Please install a server certificate signed by a trusted third-party Certificate Authority.",
"title": "SSL Certificate - Signature Verification Failed Vulnerability",
"vulnStatus": "ACTIVE",
"severity": 2
}
]
}
}

Sample - Get List of Vulnerabilities discovered by EASM Scan (with filter in JSON format)

API Request

curl --location --request POST \
'<qualys_base_url>/rest/2.0/search/am/easm/scan/vulns' \
--header 'Authorization: Bearer <JWT_Token>' \
--header 'Content-Type: application/json' \
--data '{
"filters": [
{
"field": "vulnerabilities.severity",
"operator": "EQUALS",
"value": "2"
}
]
}'

API Response

{
"responseMessage": "Valid API Access",
"count": 736,
"responseCode": "SUCCESS",
"lastSeenId": 102100,
"hasMore": 0,
"easmVulnerabilityListData": {
"vulnerabilities": [
{
"id": 4662,
"assetID": 55503403,
"qid": 38173,
"port": 443,
"ssl": true,
"found": true,
"ignored": false,
"disabled": false,
"protocol": "TCP",
"lastFoundDate": "2024-10-18T12:04:19.000Z",
"firstFoundDate": "2024-06-12T13:12:04.000Z",
"lastScanned": "2024-10-18T12:04:19.000Z",
"created": "2024-06-12T13:12:04.000Z",
"updated": "2024-10-18T12:04:19.000Z",
"rti": [
"Easy_Exploit",
"No_Patch"
],
"solution": "Please install a server certificate signed by a trusted third-party Certificate Authority.",
"title": "SSL Certificate - Signature Verification Failed Vulnerability",
"vulnStatus": "ACTIVE",
"severity": 2
}
]
}
}