The CVRF download of Security Advisories previously included list elements within a list of Product Names and IOS/XE version information in a product_names column. The IOS and IOSXE version numbers have since been removed from the data. Without the IOS/XE Product Names and version numbers, I'm unable to scan our inventory for vulnerable products.
The code below downloads the Security Advisories and stores them in a pandas dataframe for further processing.
import pandas as pd
from openVulnQuery import config # Initializes CLIENT_ID and CLIENT_SECRET
from openVulnQuery import query_client
# Use a value of 0 to get advisories for the current year only.
yearsBack = 0
# Create a list of the last <yearsBack>
years = list(range(pd.datetime.now().year-yearsBack, pd.datetime.now().year+1))
# Initialize token
query_client = query_client.OpenVulnQueryClient(client_id=config.CLIENT_ID, client_secret=config.CLIENT_SECRET)
advisories = []
for year in years:
advisories.extend(query_client.get_by_year(year=year, adv_format='cvrf'))
# Create pandas dataframe for raw security advisories
keyVal = vars(advisories[0]).keys()
df = pd.DataFrame([[getattr(i, j) for j in keyVal] for i in advisories], columns=keyVal)
The code above creates a pandas dataframe with raw data. The code below queries the data for two separate advisory_id values to highlight the issue.
df[df.advisory_id.str.contains('cisco-sa-20180328-bfd')][['advisory_id', 'product_names']]
The output for the query above is as follows (note that data for product names and version numbers is included):
advisory_id product_names
227 cisco-sa-20180328-bfd [Cisco IOS 15.1SG 15.1(1)SG, Cisco IOS 15.1SG 15.1(2)SG, Cisco IOS 15.1SG 15...
A similar query for a different, more current advisory_id displays no data (for product_names and even bug_ids):
df[df.advisory_id.str.contains('cisco-sa-20180824-linux-ip-fragment')][['advisory_id', 'product_names', 'bug_ids']]
advisory_id product_names bug_ids
31 cisco-sa-20180824-linux-ip-fragment [NA] [NA]
The URL, however, references data for product_names and/or bug_ids. see https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-ip-fragment