Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
9705
Views
5
Helpful
2
Replies

Missing Security Advisory data between Aug 1, 2018 and Aug 14, 2018 using openVulnQuery API

Go to solution
vlm
Level 1
Level 1

‎08-15-2018 11:26 AM

My application has been pulling Security Advisories for a few months. However, when I ran the app yesterday (Aug 13, 2018), I only got advisories through Aug 1 even though advisories past Aug 1 existed. I ran the app this morning and got data through Aug 1 and Aug 14. The data between those two dates remains missing.

import pandas as pd
from openVulnQuery import config # Initializes CLIENT_ID and CLIENT_SECRET
from openVulnQuery import query_client

# Use a value of 0 to get advisories for the current year only.
yearsBack = 0
# Create a list of the last <yearsBack>
years = list(range(pd.datetime.now().year-yearsBack, pd.datetime.now().year+1)) 

# Initialize token
query_client = query_client.OpenVulnQueryClient(client_id=config.CLIENT_ID, client_secret=config.CLIENT_SECRET)

advisories = []
for year in years:
    advisories.extend(query_client.get_by_year(year=year, adv_format='cvrf'))

# Create pandas dataframe for raw security advisories
keyVal = vars(advisories[0]).keys()
df = pd.DataFrame([[getattr(i, j) for j in keyVal] for i in advisories], columns=keyVal)

 

1 Accepted Solution

Accepted Solutions

Go to solution
Omar Santos
Cisco Employee
Cisco Employee

‎08-15-2018 03:37 PM

Hi @vlm

 

Thank you for reaching out. I am not able to experience the issue you mentioned. I am able to see advisories in that time period. Please see below (using the simple openVulnQuery python client (which you are importing to your code):

 

omar@dio:~$ openVulnQuery --cvrf --latest 100 -f advisory_id first_published
[
    {
        "advisory_id": "cisco-sa-20180814-cpusidechannel",
        "first_published": "2018-08-14T17:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180606-asaftd",
        "first_published": "2018-06-06T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-csb-wap-dos",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-asr-ptp-dos",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-wsa-dos",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-ucmimps-dos",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-dna-injection",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-res-xss",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-wsa-escalation",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-esa-file-bypass",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-cucdm-xss",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-sb-wap-encrypt",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20161026-linux",
        "first_published": "2016-10-26T15:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180813-rsa-nonce",
        "first_published": "2018-08-13T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180809-wpa2",
        "first_published": "2018-08-09T18:20:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180521-cpusidechannel",
        "first_published": "2018-05-22T01:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180801-pcp-dos",
        "first_published": "2018-08-01T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180801-fampmac",
        "first_published": "2018-08-01T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180801-sb-pxss",
        "first_published": "2018-08-01T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180801-ucm-xss",
        "first_published": "2018-08-01T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180801-wsa-xss",
        "first_published": "2018-08-01T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180801-sb-rxss",
        "first_published": "2018-08-01T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180801-ise-csrf",
        "first_published": "2018-08-01T16:00:00-0500"

<output omitted for brevity>

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Omar Santos
Cisco Employee
Cisco Employee

‎08-15-2018 03:37 PM

Hi @vlm

 

Thank you for reaching out. I am not able to experience the issue you mentioned. I am able to see advisories in that time period. Please see below (using the simple openVulnQuery python client (which you are importing to your code):

 

omar@dio:~$ openVulnQuery --cvrf --latest 100 -f advisory_id first_published
[
    {
        "advisory_id": "cisco-sa-20180814-cpusidechannel",
        "first_published": "2018-08-14T17:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180606-asaftd",
        "first_published": "2018-06-06T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-csb-wap-dos",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-asr-ptp-dos",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-wsa-dos",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-ucmimps-dos",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-dna-injection",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-res-xss",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-wsa-escalation",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-esa-file-bypass",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-cucdm-xss",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180815-sb-wap-encrypt",
        "first_published": "2018-08-15T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20161026-linux",
        "first_published": "2016-10-26T15:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180813-rsa-nonce",
        "first_published": "2018-08-13T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180809-wpa2",
        "first_published": "2018-08-09T18:20:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180521-cpusidechannel",
        "first_published": "2018-05-22T01:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180801-pcp-dos",
        "first_published": "2018-08-01T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180801-fampmac",
        "first_published": "2018-08-01T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180801-sb-pxss",
        "first_published": "2018-08-01T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180801-ucm-xss",
        "first_published": "2018-08-01T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180801-wsa-xss",
        "first_published": "2018-08-01T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180801-sb-rxss",
        "first_published": "2018-08-01T16:00:00-0500"
    },
    {
        "advisory_id": "cisco-sa-20180801-ise-csrf",
        "first_published": "2018-08-01T16:00:00-0500"

<output omitted for brevity>
0 Helpful

Go to solution
vlm
Level 1
Level 1
In response to Omar Santos

‎08-16-2018 05:49 AM

Omar,

 

I guess the matter was resolved somehow, as your results are aligned with mine. However, when I ran the code on Aug 13, the last entry in my data was for Aug 1. Later that afternoon, I got an entry for Aug 13. I’m happy to see that there’s an entry for Aug 9 (inside of the date range I provided).

 

Thanks for following up so quickly.

 

Victor

0 Helpful
Customers Also Viewed These Support Documents