Download Report Using Resource Name API
Use this API to download reports using resource ID. The Byte stream file is downloaded.
Input ParametersInput Parameters
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
| id | Mandatory | String | Provide a unique ID of the report. |
| resource-name | Mandatory | String | Provide resource name of the report. |
|
Authorization |
Mandatory |
String |
Authorization token to authenticate to the Qualys Enterprise TruRisk Platform Prepend token with Bearer and one space. For example - Bearer authToken |
Enhanced Information on Assets
The API response includes additional asset attributes to provide richer context and improve asset visibility. These attributes enable better tracking, categorization, and reporting of assets through the API.
Sample: Response consists of patch informationSample: Response consists of patch information
API Request
curl -X GET '<qualys_base_url>/etm/api/rest/v1/reports/20ce9e32-fe6e-4172-b5ee-ef770591c56b/resources/part_15097524224131306.json' --header 'Content-Type: application/json' --header 'Authorization: Bearer <JWT Token>'
Response
[
{
"cveId": "CVE-2001-0775",
"findingId": "f1699796-88fc-4206-b6f9-7d8f1f782693",
"exploitMaturity": [
"poc"
],
"cvss": {
"cvss2Base": "7.5",
"cvss2Temporal": "6.8",
"vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
},
"vendorName": "CrowdStrike",
"vendorProductName": "Spotlight",
"impact": "NA",
"assetType": "HOST",
"assetSerialNumber": "6924-0881-6345-0277",
"references": [],
"asset": {
"externalAssetId": "fh0uKErjEgZic5iYAEhsAiQlaqbYSDtKZXO6CzUMrX"
},
"product": {
"name": "3945e_integrated_services_router",
"vendor": "cisco",
"category": "Hardware",
"cpeName": "cpe:2.3:h:cisco:3945e_integrated_services_router:-:*:*:*:*:*:*:*"
},
"typeDetected": "Confirmed",
"mitreAttacks": [
{
"tactics": {},
"techniques": {},
"subtechniques": {}
}
],
"lastFound": 1751630410000,
"subCategory": "Confirmed",
"description": "High risk vulnerability with potential exploit.",
"assetName": "UK1533VD",
"category": "VULNERABILITY",
"severity": 5,
"dnsName": "UK1544VD1",
"wascIds": [],
"qds": 42,
"isQualysPatchable": true,
"title": "CVE-2001-0775",
"rti": [
"Easy_Exploit",
"Exploit_Public",
"Predicted_High_Risk"
],
"firstFound": 1751628311000,
"exploitedByList": [],
"status": "ACTIVE",
"isPatchAvailable": true,
"sources": [
{
"lastDetected": 1751628311000,
"externalFindingId": "cfe6aa1a-3030-4e99-af5e-ae57878c3aa12",
"qds": 80,
"sourceName": "CrowdStrike",
"firstDetected": 1751628311000,
"title": "CVE-2001-0775",
"status": "ACTIVE",
"severity": 5,
"subCategory": "Confirmed",
"connectorId": "381fde68-9f2a-4b11-a357-40eab649c829",
"connectorName": "ETM-ASSIGNMENTS",
"sourceAssetId": 1121089,
"typeDetected": "Confirmed",
"vendorSource": "Spotlight"
},
{
"lastDetected": 1751630410000,
"externalFindingId": "1fe6aa1a-3030-4e99-af5e-ae57878c3aa12",
"qds": 80,
"sourceName": "CrowdStrike",
"firstDetected": 1751630410000,
"title": "CVE-2001-0775",
"status": "ACTIVE",
"severity": 5,
"subCategory": "Confirmed",
"connectorId": "381fde68-9f2a-4b11-a357-40eab649c829",
"connectorName": "ETM-ASSIGNMENTS",
"sourceAssetId": 1121089,
"typeDetected": "Confirmed",
"vendorSource": "Spotlight"
}
],
"lastUpdated": 1751630410000,
"remediations": [],
"customNumber2": 80,
"customNumber1": 10,
"cvePublishedDate": "2001-10-18T04:00:00.000Z",
"ttd": 207847.42,
"datePublished": "2001-10-18T04:00:00.000Z",
"assetCreatedOn": 1751269805000,
"operatingSystemAttribute": {
"operatingSystem": "RHEL",
"category1": "Linux",
"category2": "Server"
},
"patches": [
{
"datePublished": "2024-08-01T00:00:00.000Z",
"downloadMethod": "Default download",
"patchId": "dc13885e-c089-3adb-b893-59a6f2efa7f3",
"platform": "Linux",
"publishedDate": 1722470400000,
"rebootRequired": false,
"title": "Debian Security Update for xli (CVE-2001-0775)",
"osIdentifier": "DEBIAN12",
"qualysPatchable": false,
"advisoryLink": "https://security-tracker.debian.org/tracker/CVE-2001-0775",
"architecture": [
"noarch"
]
},
{
"datePublished": "2024-08-01T00:00:00.000Z",
"downloadMethod": "Default download",
"patchId": "42b377f9-18a6-396b-ac2e-3650b865d890",
"platform": "Linux",
"publishedDate": 1722470400000,
"rebootRequired": false,
"title": "Debian Security Update for xli (CVE-2001-0775)",
"osIdentifier": "DEBIAN11",
"qualysPatchable": false,
"advisoryLink": "https://security-tracker.debian.org/tracker/CVE-2001-0775",
"architecture": [
"noarch"
]
}
],
"acs": 2,
"truRiskScore": 265,
"tagNames": [
"TestJ000000",
"Unmanaged",
"CAUintManager_BU",
"CrowdStrike Spotlight"
],
"disabled": false,
"ignored": false,
"detectionAge": 3,
"solution": "NA",
"cve": {
"cveId": "CVE-2001-0775",
"qvs": 42,
"cisaKnownExploits": false,
"rti": [
"Easy_Exploit",
"Exploit_Public",
"Predicted_High_Risk"
],
"exploitMaturity": [
"poc"
],
"epssScore": 0.25562,
"updated": 1751544435,
"cvss2Info": {
"basescore": 7.5,
"temporalScore": 6.8,
"accessVector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
},
"cvss3Info": {}
}
}
]
Enriched Details for Findings from Qualys Apps and Third-Party Sources
The API response for findings includes additional fields for better tracking and context of externally sourced vulnerabilities. These enriched details help to understand and track externally sourced findings.
Sample: Response consists of VMDR findingsSample: Response consists of VMDR findings
API Request
curl -X GET '<qualys_base_url>/etm/api/rest/v1/reports/20ce9e32-fe6e-4172-b5ee-ef770591c56b/resources/part_15097524224131306.json' --header 'Content-Type: application/json' --header 'Authorization: Bearer <JWT Token>'
Response
[
{
"cveId": "CVE-2015-2808",
"findingId": "654a94f8-c13e-4f43-a5a0-c71eaa5f1e7b",
"cvss": {
"cvss2Base": "5.0",
"cvss2Temporal": "4.3",
"vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"
},
"vendorName": "Qualys",
"vendorProductName": "VMDR",
"impact": "NA",
"vendorId": "38601",
"assetType": "HOST",
"references": [],
"asset": {
"internalAssetId": 126166,
"assetName": "mgmtpatch6"
},
"product": {
"category": "General remote services"
},
"typeDetected": "Confirmed",
"mitreAttacks": [
{
"tactics": {},
"techniques": {},
"subtechniques": {}
}
],
"lastFound": 1737098071000,
"subCategory": "Confirmed",
"description": "The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the \"Bar Mitzvah\" issue.",
"assetName": "mgmtpatch6",
"category": "VULNERABILITY",
"severity": 2,
"dnsName": "mgmtpatch6",
"wascIds": [],
"qds": 30,
"isQualysPatchable": false,
"title": "Secure Sockets Layer/Transport Layer Security (SSL/TLS) Use of Weak Cipher Rivest Cipher 4 (RC4/ARC4/ARCFOUR)",
"rti": [
"Easy_Exploit"
],
"firstFound": 1718893396000,
"exploitedByList": [],
"protocol": "TCP",
"status": "ACTIVE",
"isPatchAvailable": false,
"port": 3389,
"sources": [
{
"lastDetected": 1737098071000,
"vendorId": "38601",
"externalFindingId": "129408",
"qds": 30,
"sourceName": "Qualys",
"firstDetected": 1718893396000,
"title": "Secure Sockets Layer/Transport Layer Security (SSL/TLS) Use of Weak Cipher Rivest Cipher 4 (RC4/ARC4/ARCFOUR)",
"status": "ACTIVE",
"severity": 2,
"subCategory": "Confirmed",
"port": 3389,
"protocol": "TCP",
"sourceAssetId": 126166,
"typeDetected": "Confirmed",
"vendorSource": "VMDR"
}
],
"lastUpdated": 1737098071000,
"customNumber2": 80,
"cvePublishedDate": "2015-04-01T02:00:35.000Z",
"ttd": 80844.38,
"datePublished": "2015-04-01T02:00:35.000Z",
"assetCreatedOn": 1718893411000,
"operatingSystemAttribute": {
"operatingSystem": "Windows 2012 R2 Standard"
},
"patches": [],
"assetPublish": 1737098083000,
"acs": 5,
"truRiskScore": 301,
"tagNames": [
"TestJ000000",
"Internet Facing Assets",
"Midhila Dynamic Tag",
"AG1",
"mithomas-Dynamic Tag",
"Operating System",
"CAUintManager_BU",
"OS Windows00"
],
"disabled": false,
"ignored": false,
"detectionAge": 384,
"solution": "NA",
"cve": {
"cveId": "CVE-2015-2808",
"qvs": 30,
"cisaKnownExploits": false,
"rti": [
"Easy_Exploit"
],
"epssScore": 0.4884,
"updated": 1751982681,
"cvss2Info": {
"basescore": 5.0,
"temporalScore": 4.3,
"accessVector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"
},
"cvss3Info": {}
}
}
]
Sample: Response consists of vendor name, product name, category, and other detailsSample: Response consists of vendor name, product name, category, and other details
API Request
curl -X GET '<qualys_base_url>/etm/api/rest/v1/reports/20ce9e32-fe6e-4172-b5ee-ef770591c56b/resources/part_15097524224131306.json' --header 'Content-Type: application/json' --header 'Authorization: Bearer <JWT Token>'
Response
[
{
"cveId": "CVE-2024-7264",
"findingId": "8e09d704-bdee-4477-8327-d9e69cd9555d",
"exploitMaturity": [
"poc"
],
"cvss": {
"cvss2Temporal": "6.1",
"cvss3Base": "6.5",
"cvss3Temporal": "6.1",
"vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
},
"vendorName": "CrowdStrike",
"vendorProductName": "Spotlight",
"impact": "NA",
"assetType": "HOST",
"references": [],
"asset": {
"externalAssetId": "garpjdEYhY4LHjnFvvXbnSlrrbpa3jkxJRq0MGtvBbnF4"
},
"product": {
"name": "ios",
"vendor": "cisco",
"category": "Operating System",
"version": "Libcurl",
"cpeName": "cpe:2.3:o:cisco:ios:15.6\\(4\\)sn:*:*:*:*:*:*:*"
},
"typeDetected": "Confirmed",
"mitreAttacks": [
{
"tactics": {},
"techniques": {},
"subtechniques": {}
}
],
"lastFound": 1751901905000,
"subCategory": "Confirmed",
"description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.\n",
"assetName": "XB6WO460",
"category": "VULNERABILITY",
"severity": 4,
"dnsName": "XB6WO460",
"wascIds": [],
"qds": 37,
"isQualysPatchable": false,
"title": "CVE-2024-7264",
"rti": [
"Exploit_Public"
],
"firstFound": 1751499543000,
"exploitedByList": [],
"status": "ACTIVE",
"isPatchAvailable": false,
"sources": [
{
"lastDetected": 1751901905000,
"externalFindingId": "b39710a56aea4b6b8a5b8785daa260f7-407b19c7e6d3499eb7eac4b9372edc25_08a227cc93c039a396b92f5813b71f98",
"qds": 60,
"sourceName": "CrowdStrike",
"firstDetected": 1751901905000,
"title": "CVE-2024-7264",
"status": "ACTIVE",
"severity": 4,
"subCategory": "Confirmed",
"connectorId": "381fde68-9f2a-4b11-a357-40eab649c829",
"connectorName": "ETM-ASSIGNMENTS",
"sourceAssetId": 1054054,
"typeDetected": "Confirmed",
"vendorSource": "Spotlight"
}
],
"lastUpdated": 1751901905000,
"remediations": [],
"customNumber2": 80,
"customNumber1": 10,
"cvePublishedDate": "2024-07-31T08:15:02.000Z",
"ttd": 8079.4,
"datePublished": "2024-07-31T08:15:02.000Z",
"assetCreatedOn": 1750768369000,
"operatingSystemAttribute": {
"category1": "Unidentified",
"category2": "Unidentified"
},
"patches": [],
"acs": 4,
"truRiskScore": 149,
"tagNames": [
"TestJ000000",
"Unmanaged",
"CAUintManager_BU",
"CrowdStrike Spotlight"
],
"disabled": false,
"ignored": false,
"detectionAge": 7,
"solution": "NA",
"cve": {
"cveId": "CVE-2024-7264",
"qvs": 37,
"cisaKnownExploits": false,
"rti": [
"Exploit_Public"
],
"exploitMaturity": [
"poc"
],
"epssScore": 0.02201,
"updated": 1751982681,
"cvss2Info": {
"temporalScore": 6.1
},
"cvss3Info": {
"basescore": 6.5,
"temporalScore": 6.1,
"accessVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
}
}
}
]