topic Query Vulnerabilities given a product name in Services Discussions

Query Vulnerabilities given a product name

shanxiong — Thu, 19 Apr 2018 02:37:48 GMT

I have find a question when i use the url

https://api.cisco.com/security/advisories/cvrf/product?product<<keyword>>

For example, i wand to query ISE Vulnerabilities , i use the curl

curl -X GET -s -k -H "Accept: application/xml" -H "Authorization: Bearer v2wESFSSPRjvKtkMnsTtS946CNEB" https://api.cisco.com/security/advisories/cvrf/product?product=Cisco Identity Services Engine > G:\0420.xml

the output of Vulnerabilities is same to i use the below curl

curl -X GET -s -k -H "Accept: application/xml" -H "Authorization: Bearer v2wESFSSPRjvKtkMnsTtS946CNEB" https://api.cisco.com/security/advisories/cvrf/product?product=Cisco > G:\0420.xml

1,so i doubt that whether only the first keyword is useful when querying the PSIRT openVuln API by Product ?

2, how to query Cisco Identity Services Engine by curl methods ?

thanks a lot

shanxiong

Re: Query Vulnerabilities given a product name

erthiel — Thu, 19 Apr 2018 16:57:55 GMT

I don't have an API key handy to test, but I think this is what you are looking for:

curl -X GET -G -s -k -H "Accept: application/xml" -H "Authorization: Bearer v2wESFSSPRjvKtkMnsTtS946CNEB" https://api.cisco.com/security/advisories/cvrf/product --data-urlencode "product=Cisco Identity Services Engine" > test1.txt

Or, you could manually substitute "%20" for each space, but I think above is more graceful. If you want to confirm, throw a "-v" in and you can see the url being requested. With above I see:

> GET /security/advisories/cvrf/product?product=Cisco%20Identity%20Services%20Engine HTTP/1.1

-Eric

Re: Query Vulnerabilities given a product name

shanxiong — Mon, 23 Apr 2018 05:46:15 GMT

Hi Eric

thank you for your kindly help

I have do test about the two methods,, both ok.

thanks

shanxiong