cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2803
Views
0
Helpful
2
Replies

Query Vulnerabilities given a product name

shanxiong
Level 1
Level 1

Hi

I have find a question  when  i use the url 

https://api.cisco.com/security/advisories/cvrf/product?product<<keyword>>


For example, i wand to query ISE Vulnerabilities , i use the curl


curl -X GET -s -k -H "Accept: application/xml" -H "Authorization: Bearer v2wESFSSPRjvKtkMnsTtS946CNEB" https://api.cisco.com/security/advisories/cvrf/product?product=Cisco Identity Services Engine  > G:\0420.xml


the output of Vulnerabilities is same to i use the below curl


curl -X GET -s -k -H "Accept: application/xml" -H "Authorization: Bearer v2wESFSSPRjvKtkMnsTtS946CNEB" https://api.cisco.com/security/advisories/cvrf/product?product=Cisco > G:\0420.xml

1,so i doubt that whether only the first keyword is useful when querying the PSIRT openVuln API by Product ?

2, how to query Cisco Identity Services Engine by  curl methods ?



thanks a lot

shanxiong

1 Accepted Solution

Accepted Solutions

erthiel
Cisco Employee
Cisco Employee

I don't have an API key handy to test, but I think this is what you are looking for:

curl -X GET -G -s -k -H "Accept: application/xml" -H "Authorization: Bearer v2wESFSSPRjvKtkMnsTtS946CNEB" https://api.cisco.com/security/advisories/cvrf/product --data-urlencode "product=Cisco Identity Services Engine" > test1.txt

Or, you could manually substitute "%20" for each space, but I think above is more graceful. If you want to confirm, throw a "-v" in and you can see the url being requested. With above I see:

> GET /security/advisories/cvrf/product?product=Cisco%20Identity%20Services%20Engine HTTP/1.1

-Eric

View solution in original post

2 Replies 2

erthiel
Cisco Employee
Cisco Employee

I don't have an API key handy to test, but I think this is what you are looking for:

curl -X GET -G -s -k -H "Accept: application/xml" -H "Authorization: Bearer v2wESFSSPRjvKtkMnsTtS946CNEB" https://api.cisco.com/security/advisories/cvrf/product --data-urlencode "product=Cisco Identity Services Engine" > test1.txt

Or, you could manually substitute "%20" for each space, but I think above is more graceful. If you want to confirm, throw a "-v" in and you can see the url being requested. With above I see:

> GET /security/advisories/cvrf/product?product=Cisco%20Identity%20Services%20Engine HTTP/1.1

-Eric

Hi Eric

thank you for your kindly help

I have do test  about the two methods,, both ok.

thanks

shanxiong