Re: Suggestions to openVuln

Tim Glen · ‎10-30-2017

Hi,

First, I appreciate the ability to use the API, I find it’s very beneficial in getting PSIRT data. However, I would like to make a few suggestions.

1. I’ve read the Getting Started guide here and see that I can make queries like

https://api.cisco.com/security/advisories/cvrf/severity/critical

and

https://api.cisco.com/security/advisories/cvrf/year/<YYYY>

I am unable to create a query like

https://api.cisco.com/security/advisories/cvrf?year=2017&severity=critical

Using parameters instead if subdirectories would allow me to create a much more complicated & specific query like

https://api.cisco.com/security/advisories/cvrf?year=2017&severity=critical&product=asa&version=9.6*

2. Allow me to browse the API instead of returning a 404.

For example, a query to this URL returns a 404.

https://api.cisco.com/security/advisories/cvrf/

I believe this should return data similar to ‘All’, ‘Critical’, ‘High’, ‘Medium’, ‘Low’.

Another example that comes to mind is

https://api.cisco.com/security/advisories/cvrf/year/2017/product

Again, this returns a 404. Cisco makes a bazillion products and I don’t know the API specific names for each of them. I believe the API should return the names of the products similar to ‘Cisco 2621’, ‘Cisco 3925 ISR’, ‘Cisco ASR 1001’, ‘Cisco 5555-X Adaptive Security Appliance’, ‘Cisco 5508 Wireless LAN Controller’.

3. When searching for PSIRTs related to a product eg. ASA, I get every PSIRT ever issued for an ASA. It would be very beneficial if I was able to drill down on ASA & a specific version, like this

https://api.cisco.com/security/advisories/cvrf&product=asa&version=9.6*

Thanks very much for this tool.

Tim

Omar Santos · ‎10-31-2017

Thanks for the great suggestions Tim!

I will work with the development team to evaluate the enhancements requests described in #1 and #2.

Regarding #3, version information is only supported for IOS or IOS-XE. We are currently working on enhancing internal tools in order to be able to support this functionality for additional products.

Thanks!

Omar

Tim Glen · ‎11-02-2017

Thank you

pagrawa2 · ‎02-06-2019

Hi Omar,

Do we support using version related query now for the ASA or is it on the roadmap?

Thanks and regards

Priyanka

@Omar Santos wrote:

Thanks for the great suggestions Tim!

I will work with the development team to evaluate the enhancements requests described in #1 and #2.

Regarding #3, version information is only supported for IOS or IOS-XE. We are currently working on enhancing internal tools in order to be able to support this functionality for additional products.

Thanks!

Omar

lbandlav · ‎11-20-2017

Do we have support to grep for protocol specific like SSL or SSH? is it supported to data center? Please let me know

marmclau · ‎11-20-2017

Hi Laxmi,

I believe you are asking if there is a way to use a keyword to search for a security advisory. We do not currently have this ability. However, you can use one of the other API calls documented at Cisco DevNet: PSIRT - PSIRT and then examine the returned CVRF files for a protocol such as SSL or SSH. You can then use grep or your favorite filter on the title, summary, or details for the protocol you wish to look for.

We can include this as an enhancement request to the API.

lbandlav · ‎01-23-2018

Thanks Mark,

Shall i raise a enhancement request for the same? if yes, please let me know CDETS details to file one.

Thanks

ipagliani · ‎02-01-2018

Ciao,

regarding the possibility to use API for query 3th party vulnerability. Could it be possible ?

I'm thinking about the same possibility we have interacting Cisco Security Advisories and Alerts web site:

https://tools.cisco.com/security/center/publicationListing.x

Thanks