02-24-2023 12:54 PM
Hello,
We use this API is used to pull the last updated advisories from a date range. In the past the dates pulled from the API output would accurately reflect the date listed on the security advisory listed on Cisco's website but now the dates are inconsistent. For example, one of the most recent advisories "cisco-sa-ucsm-bkpsky-H8FCQgsA" lists as 2023 February 22 16:00 GMT. If I make a request on this advisory I can see the date is instead 2023 February 23. Why is this the case?
https://sec.cloudapps.cisco.com/security/center/publicationListing.x
02-26-2023 04:03 PM
Hello Andrew,
Checking with engineering. Will update shortly.
Thanks.
02-27-2023 01:17 PM
Hello Andrew,
Confirmed in house. Bug has been raised and being worked.
Thanks.
03-02-2023 07:23 PM - edited 03-02-2023 07:23 PM
Hello Andrew,
Whilst we haven't found the root cause as yet; the data has been refreshed and now should be accurate.
Checked the data for the past 3 years and there a few more we will get fixed up; but the rest look good.
Let us know if you spot any other concerns.
Thanks.
09-19-2023 04:28 PM
Hi Oxman,
Re-opening this thread as the same issue was discovered on a different advisory "cisco-sa-asaftd-ravpn-auth-8LyfCkeC". The advisory on the site lists as "2023 September 11 18:21 GMT" while the date from the API is listed as " 'lastUpdated': '2023-09-12T01:21:34'".
Has there been any progress made in the potential cause of this inconsistency?
Thank you,
Andrew
09-20-2023 04:04 PM
Hello Andrew,
For actual bugs with the API it may be best to email openvuln@cisco.com.
We have synced the data again, so it should be correct, but still have not isolated the root cause. Will update here once it is known.
Thanks.
09-25-2023 09:37 AM
09-25-2023 09:38 AM
Hi Oxman,
Unfortunately the date still appears as if it was last updated on the 12th.
I pulled this request today September 25th 2023.
---------------------------------------------------------
{'advisoryId': 'cisco-sa-asaftd-ravpn-auth-8LyfCkeC',
'advisoryTitle': 'Cisco Adaptive Security Appliance Software and Firepower '
'Threat Defense Software Remote Access VPN Unauthorized '
'Access Vulnerability',
'bugIDs': ['CSCwh23100', 'CSCwh45108'],
'cves': ['CVE-2023-20269'],
'cvssBaseScore': '5.0',
'cwe': ['CWE-288'],
'firstPublished': '2023-09-06T23:00:00',
'ipsSignatures': ['NA'],
'lastUpdated': '2023-09-12T01:21:34',
---------------------------------------------------------
03-03-2023 01:35 AM
Hello PR Oxman,
today we found a further advisory ID 'cisco-sa-finesse-proxy-dos-vY5dQhrV' where we saw the same topic.
Regards
Marco
03-06-2023 06:58 PM
Hello Marco,
That looks correct:
"firstPublished": "2023-03-01T16:00:00",
"lastUpdated": "2023-03-02T20:35:00",
What do you believe is the issue?
Thanks.
03-06-2023 09:41 PM
Hi PR Oxman,
when I send my first reply it looks like "firstPublished": "2023-03-02T00:00:00", "lastUpdated": "2023-03-02T00:00:00", but meanwhile it was corrected.
Regards
Marco
02-09-2024 02:05 AM
I've also experienced this issue several times. Again today. Logged it on github too: https://github.com/CiscoPSIRT/openVulnAPI/issues/94
02-11-2024 02:06 PM
Hello Darren,
I will reply to your email to openvuln@cisco.com. Be aware that https://github.com/CiscoPSIRT/openVulnAPI/issues is for issues in the OpenVulnQuery client, not the API data.
Thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide