Domain name for API request: csip.intl.tencentcloudapi.com.
Obtain Vulnerability Risk List from Asset's Perspective
A maximum of 20 requests can be initiated per second for this API.
The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
| Parameter Name | Required | Type | Description |
|---|---|---|---|
| Action | Yes | String | Common Params. The value used for this API: DescribeAssetViewVulRiskList. |
| Version | Yes | String | Common Params. The value used for this API: 2022-11-21. |
| Region | No | String | Common Params. This parameter is not required. |
| MemberId.N | No | Array of String | Group Account Member ID |
| Filter | No | Filter | Filtered Content |
| Tags.N | No | Array of AssetTag | Asset tag |
| Parameter Name | Type | Description |
|---|---|---|
| TotalCount | Integer | Total number of entries |
| Data | Array of AssetViewVULRiskData | Vulnerability Risk List from Asset's Perspective |
| StatusLists | Array of FilterDataObject | Status list |
| LevelLists | Array of FilterDataObject | Danger Level List |
| FromLists | Array of FilterDataObject | Source List |
| VULTypeLists | Array of FilterDataObject | Vulnerability Type List |
| InstanceTypeLists | Array of FilterDataObject | Asset Type List |
| Tags | Array of FilterDataObject | tag enumeration. |
| RequestId | String | The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem. |
Obtain Vulnerability Risk List from Asset's Perspective
POST / HTTP/1.1
Host: csip.intl.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeAssetViewVulRiskList
<Common request parameters>
{
"Filter": {
"Filters": [
{
"Name": "RecentTime",
"Values": [
"2024-10-26 19:37:21"
],
"OperatorType": 4
},
{
"Name": "RecentTime",
"Values": [
"2024-11-01 19:37:21"
],
"OperatorType": 5
},
{
"Name": "Status",
"Values": [
"0"
],
"OperatorType": 7
}
],
"Limit": 10,
"Offset": 0,
"Order": "desc",
"By": "RecentTime"
}
}
{
"Response": {
"Data": [
{
"AffectAsset": "182.254.145.158",
"AppId": "1300448058",
"AppName": "OpenSSH",
"AppVersion": "v1.0.1",
"CVE": "CVE-2020-15778",
"CVSS": 0,
"CWPVersion": 4,
"Component": "OpenSSH",
"EMGCVulType": 0,
"FirstTime": "2023-09-26 16:34:50",
"From": "Cloud Security Center (CSC)"
"HandleTaskId": "id-cnojiv",
"Index": "360bfa2c*****",
"InstanceId": "ins-***",
"InstanceName": "ins-NAT1",
"InstanceType": "CVM",
"InstanceUUID": "7bb60327-***-****-***",
"Level": "high",
"Nick": "Sheng Sheng Wu Long"
"PCMGRId": "pcmgr-n21ln34l",
"POCId": "c808d8eb****",
"Payload": "OpenSSH/7.4",
"Port": "22",
"RecentTime": "2023-09-27 11:49:10",
"RiskId": "1498f23a***",
"Status": 0,
"TaskId": "task-2k1b3",
"Uin": "2190941624916",
"VULName": "OpenSSH command injection vulnerability (CVE-2020-15778)"
"VULType": "Command injection"
"VULURL": "/vul/detail?id=360bfa2c*****"
}
],
"FromLists": [
{
"Text": "CSC",
"Value": "0"
},
{
"Text": "Host detection"
"Value": "1"
},
{
Container detection
"Value": "5"
}
],
"InstanceTypeLists": [
{
"Text": "CVM",
"Value": "CVM"
}
],
"LevelLists": [
{
Serious
"Value": "extreme"
},
{
"Text": "High risk",
"Value": "high"
},
{
Medium risk
"Value": "middle"
},
{
"Text": "Low risk"
"Value": "low"
},
{
"Text": "Note",
"Value": "info"
}
],
"RequestId": "3c68de67-9f7e-442d-b1f0-81191bd1026e",
"StatusLists": [
{
unprocessed
"Value": "0"
},
{
"Text": "Tag processed"
"Value": "1"
},
{
"Ignored"
"Value": "2"
},
{
"Text": "Fixed"
"Value": "3"
}
],
"Tags": [
{
The vulnerability exists with exploitation in the wild or wild attacks.
"Value": "KNOWN_EXPLOITED"
},
{
The vulnerability can only be exploited locally.
"Value": "LOCAL"
},
{
The vulnerability can be used as system component vulnerability detection
"Value": "SYS"
},
{
The vulnerability can be used as application component vulnerability detection
"Value": "APP"
},
{
"Text": "Emergency"
"Value": "IS_EMERGENCY"
},
{
Security vulnerability can be exploited remotely.
"Value": "NETWORK"
},
{
The vulnerability has a poc
"Value": "POC"
},
{
compulsory
"Value": "IS_SUGGEST"
},
{
"Text": "This vulnerability has an exp"
"Value": "EXP"
}
],
"TotalCount": 1102,
"VULTypeLists": [
{
Fix logic errors
"Value": "Processing logic error"
}
]
}
}
TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.
There is no error code related to the API business logic. For other error codes, please see Common Error Codes.
文档反馈