topic Cisco PSIRT openVuln API in Application Security

Cisco PSIRT openVuln API

zongaxelle — Mon, 23 Jun 2025 18:05:45 GMT

Bonjour,
J’ai créé une application sur le Developer Portal (Application Type: Service, Grant Type: Client Credentials) pour accéder à l’API Cisco PSIRT openVuln API.
L’authentification OAuth2 fonctionne (j’obtiens bien un token via https://cloudsso.cisco.com/as/token.oauth2), mais toute tentative d’appel à https://api.cisco.com/security/advisories/v1/cves retourne :
403 Forbidden: <h1>Not Authorized</h1>
Mon client_id (API Key) est :
m5k6jcpsdf4zvpa3s79fkvgm
Merci de vérifier que les permissions d’accès à l’API PSIRT openVuln sont bien activées pour cette app.

Re: Cisco PSIRT openVuln API

Torbjørn — Tue, 24 Jun 2025 08:30:51 GMT

Bonjour @zongaxelle, Welcome to the community!

Can you post an example request with your API redacted?
If you are certain that you are authenticating correctly you should contact support at apix-support@cisco.com

Re: Cisco PSIRT openVuln API

zongaxelle — Tue, 24 Jun 2025 10:17:44 GMT

Hi, @Torbjørn thank you for your answer.

Here is how i am trying to call my API

import requests

# ==== CONFIGURATION ====

CLIENT_ID = "m5k6jcpsdf4zvpa3s79fkvgm"

CLIENT_SECRET = "sysQY84Y9TSWaR2wQfFNfgss"

access_token = "eyJraWQiOiJYYmZSeTktVmNqc0hHSUJDcVcySUVrMmtwdGhPcXFZVHdVdkJmQzJ5b2ljIiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aSI6IkFULllIUFJIcWdfSlUxOHNjMTViU1VhQzRaRjhPTUZ4VEw1NnBXb0RMMjZJY1UiLCJpc3MiOiJodHRwczovL2lkLmNpc2NvLmNvbS9vYXV0aDIvZGVmYXVsdCIsImF1ZCI6ImFwaTovL2RlZmF1bHQiLCJpYXQiOjE3NTA3NTMwNDYsImV4cCI6MTc1MDc1NjY0NiwiY2lkIjoibTVrNmpjcHNkZjR6dnBhM3M3OWZrdmdtIiwic2NwIjpbImN1c3RvbXNjb3BlIl0sInN1YiI6Im01azZqY3BzZGY0enZwYTNzNzlma3ZnbSIsImF6cCI6Im01azZqY3BzZGY0enZwYTNzNzlma3ZnbSJ9.XCrxvfWsnPhGRnCl-0jNkrKUFZiVGKHZ4iP_XoroHVe4eQ4AI3rrfOAcIgTWkbCZO8dXuCp0WPw28o1WHUfxoXH0Y5STC06tu_H57f2UqMkBp2hzE25q88xtaoOJcoMTPkOAFZiz71QOzkS2zSA_vp4ZDniTKS8i5M3ePle479GwDbVD0Y4zWQEKUiiJO9OtsZqMLIgb5amyPS1B9MTNJpXEXtzE4fYB2eCnPtSi6ZG9vbyg7L8_tSdfj32XogOih-yD9h3l4Z4POewJe8Z8EOOA5lUN29Nk4Dtdgs0BmLey3N5EhGA-7rV4ko-Lqg-_JtK6wpyi7Eq1aVGW2g-vTg"

def get_access_token():

url = "https://id.cisco.com/oauth2/default/v1/token"

headers = {

"Content-Type": "application/x-www-form-urlencoded",

"Accept": "application/json"

}

data = {

"grant_type": "client_credentials",

"client_id": CLIENT_ID,

"client_secret": CLIENT_SECRET

}

response = requests.post(url, headers=headers, data=data)

if response.status_code == 200:

return response.json()["access_token"]

else:

raise Exception(f"Erreur Authentification (code {response.status_code}) : {response.text}")

def search_cves(product_name, access_token😞

url = "https://api.cisco.com/security/advisories/v1/cves"

headers = {

"Authorization": f"Bearer {access_token}",

"Accept": "application/json"

}

params = {

"product": product_name

}

response = requests.get(url, headers=headers, params=params)

if response.status_code == 200:

return response.json()

else:

raise Exception(f"Erreur API CVE (code {response.status_code}) : {response.text}")

def display_cves(cve_data😞

cves = cve_data.get("advisories", [])

if not cves:

print("Aucune CVE trouvée pour ce produit.")

return

print(f"\n {len(cves)} CVE(s) trouvée(s) :\n")

for item in cves:

print(f"- CVE ID : {item.get('cve_id')}")

print(f" Titre : {item.get('advisory_title')}")

print(f" Publié le : {item.get('publication_url')}")

print(f" Gravité : {item.get('cvss_base_score', 'N/A')}")

print("")

def main():

try:

print(" Récupération du token d'accès...")

token = get_access_token()

produit = input("🔎 Entrez le nom du produit Cisco (ex: Cisco Catalyst 9300) : ")

print(f"Recherche des CVEs pour : {produit}")

data = search_cves(produit, token)

display_cves(data)

except Exception as e:

print("", e)

if __name__ == "__main__":

main()

Re: Cisco PSIRT openVuln API

Torbjørn — Tue, 24 Jun 2025 12:14:09 GMT

@zongaxelle - Please remove the API key and access token from the above posts

You seem to be using the authentication flow described for the support APIs instead of the one you should use for the PSIRT OpenVuln API. See the correct authentication flow documentation here: https://developer.cisco.com/docs/psirt/authentication/#authentication

Re: Cisco PSIRT openVuln API

wordenj — Tue, 24 Jun 2025 22:23:28 GMT

Check your URL: This is a working endpoint, https://apix.cisco.com/security/advisories/v2/product?product=Cisco Unified Communications Manager

Re: Cisco PSIRT openVuln API

zongaxelle — Wed, 25 Jun 2025 07:36:00 GMT

ok, I'll start the process again and get back to you

Re: Cisco PSIRT openVuln API

zongaxelle — Wed, 25 Jun 2025 07:36:49 GMT

Ok, thanks for your reply, I'll start the process again by mentioning this URL and I'll get back to you.

Re: Cisco PSIRT openVuln API

zongaxelle — Wed, 25 Jun 2025 10:42:27 GMT

Thanks, it's working now. I have changed my url as you say

Re: Cisco PSIRT openVuln API

zongaxelle — Wed, 25 Jun 2025 10:50:15 GMT

I restarted the authentication process and generated a new key and access token according to the URL you gave me. It works now. Thank you for your help.