10-18-2018 06:31 AM
Hi,
trying to find for product the openVulnQuery fails with the following.
The same using curl works.
Any suggestions?
root@qitopsrv001:~# openVulnQuery --config /root/credential.json --product asa
Traceback (most recent call last):
File "/usr/local/bin/openVulnQuery", line 11, in <module>
sys.exit(main())
File "/usr/local/lib/python2.7/dist-packages/openVulnQuery/_library/main.py", line 60, in main
advisories = client.get_by(topic, adv_format, api_resource_value, **f_cfg)
File "/usr/local/lib/python2.7/dist-packages/openVulnQuery/_library/query_client.py", line 188, in get_by
return trampoline[topic](format, aspect, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/openVulnQuery/_library/query_client.py", line 144, in get_by_product
req_path, params={'product': product_name})
File "/usr/local/lib/python2.7/dist-packages/openVulnQuery/_library/query_client.py", line 208, in get_request
r.raise_for_status()
File "/usr/lib/python2.7/dist-packages/requests/models.py", line 893, in raise_for_status
raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 404 Client Error: Not Found for url: https://api.cisco.com/security/advisories/product?product=asa
root@qitopsrv001:~#
12-07-2018 02:49 PM
Hi,
Product based queries should work now. The following is a test based on your query. Could you please try and please also make sure that you have the latest version of the client.
┌─[✗]─[omar@server112]─[~] └──╼ $openVulnQuery --product asa [ { "advisory_id": "cisco-sa-20181031-asaftd-sip-dos", "advisory_title": "Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability", "bug_ids": [ "CSCvm43975" ], "cves": [ "CVE-2018-15454" ], "cvrfUrl": "https://tools.cisco.com/security/center/contentxml/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos/cvrf/cisco-sa-20181031-asaftd-sip-dos_cvrf.xml", "cvss_base_score": "8.6", "cwe": [ "CWE-20" ], "first_published": "2018-10-31T19:30:00-0500", "ips_signatures": [ "NA" ], "last_updated": "2018-11-16T21:19:02-0600", "product_names": [ "Cisco Adaptive Security Appliance (ASA) Software ", "Cisco Firepower Threat Defense Software " ], "publication_url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos", "sir": "High",
<output omitted for brevity>
└──╼ $pip show openVulnQuery
Name: OpenVulnQuery
Version: 1.30
Summary: A python-based module(s) to query the Cisco PSIRT openVuln API.
Home-page: https://github.com/CiscoPSIRT/openVulnAPI/tree/master/openVulnQuery
Author: Omar Santos
Author-email: os@cisco.com
License: The MIT License (MIT)
Location: /usr/local/lib/python3.7/site-packages/OpenVulnQuery-1.30-py3.7.egg
Requires: argparse, requests
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: