Domain name for API request: csip.intl.tencentcloudapi.com.
This API is used to query the list of vulnerabilities by vulnerabilities.
A maximum of 20 requests can be initiated per second for this API.
The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
| Parameter Name | Required | Type | Description |
|---|---|---|---|
| Action | Yes | String | Common Params. The value used for this API: DescribeRiskCenterVULViewVULRiskList. |
| Version | Yes | String | Common Params. The value used for this API: 2022-11-21. |
| Region | No | String | Common Params. This parameter is not required. |
| MemberId.N | No | Array of String | Group Account Member ID |
| Filter | No | Filter | Filter conditions |
| Tags.N | No | Array of AssetTag | Asset tags |
| Parameter Name | Type | Description |
|---|---|---|
| TotalCount | Integer | Total number of entries |
| Data | Array of VULViewVULRisk | List of vulnerabilities |
| LevelLists | Array of FilterDataObject | List of risk levels |
| FromLists | Array of FilterDataObject | List of check source |
| VULTypeLists | Array of FilterDataObject | List of vulnerability types |
| RequestId | String | The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem. |
Obtain Vulnerability Risk List from Vulnerability's Perspective
POST / HTTP/1.1
Host: csip.intl.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeRiskCenterVULViewVULRiskList
<Common request parameters>
{
"MemberId": [
"mem-68b8087a65268000"
],
"Filter": {
"Limit": 1,
"Offset": 0
}
}
{
"Response": {
"Data": [
{
"AffectAssetCount": 1,
"AppId": "1315",
"AppName": "perl",
"AppVersion": "5.20.2-3+deb8u6",
"CVE": "CVE-2017-12883",
"Component": "perl",
"Describe": "describe info",
"EMGCVulType": 0,
"FirstTime": "2024-09-12 14:50:06",
"Fix": "Upgrade to the latest vulnerability-free version. We recommend you update the current system or software to the latest version to complete vulnerability fixes."
"From": "Container detection"
"Id": "0468eaa3505cf5ae9889a052",
"Index": "0468ea5ae551fb98659a052",
"Level": "extreme",
"Nick": "Sheng Sheng Wu Long"
"NoHandleCount": 1,
"Payload": "5.20.2-3+deb8u6",
"Port": "80",
"RecentTime": "2024-10-30 11:20:38",
"References": "http://mirror.cucumberlinux.com/cucumber/cucumber-1.0/source/lang-base/perl/patches/CVE-2017-12883.patch",
"Uin": "100178",
"VULName": "PERL regular expression parser buffer error vulnerability (CVE-2017-12883)"
"VULType": "buffer overflow"
"VULURL": "/usr/bin"
}
],
"FromLists": [
{
"Text": "CSC",
"Value": "0"
},
{
"Text": "Host detection"
"Value": "1"
},
{
Container detection
"Value": "5"
}
],
"LevelLists": [
{
Medium risk
"Value": "middle"
},
{
"Text": "Low risk"
"Value": "low"
},
{
"Text": "Prompt"
"Value": "info"
},
{
Critical
"Value": "extreme"
},
{
High-risk
"Value": "high"
}
],
"RequestId": "848fbdea-ba54-4f46-aaaa-7f70f823b977",
"TotalCount": 460,
"VULTypeLists": [
{
information leakage
"Value": "information leakage"
},
{
Processing logic error
"Value": "Fix logic error"
},
{
"Text": "Other",
"Value": "Other"
},
{
"Text": "Path traversal"
"Value": "Path traversal"
},
{
Authorization issue
"Value": "Authorization issue"
},
{
"Text": "Injection vulnerability"
"Value": "Injection vulnerability"
},
{
"Text": "Code injection",
"Value": "Code injection"
},
{
"Text": "buffer overflow"
"Value": "buffer overflow"
},
{
Misconfiguration
"Value": "Configuration error"
},
{
encryption issue
"Value": "Encryption issue"
},
{
cross-site scripting
"Value": "Cross-site scripting"
},
{
Command injection
"Value": "Command injection"
}
]
}
}
TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.
The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.
| Error Code | Description |
|---|---|
| AuthFailure | CAM signature/authentication error. |
| DryRunOperation | The request would have succeeded, but the DryRun parameter was used. |
| FailedOperation | Operation failed. |
| InternalError | An internal error occurs. |
| InvalidParameter | The parameter is incorrect. |
| InvalidParameterValue | Invalid parameter value. |
| LimitExceeded | The quota limit is reached. |
| MissingParameter | Missing parameters. |
| OperationDenied | Operation denied. |
| RequestLimitExceeded | Too many requests. |
| ResourceInUse | Occupied resource |
| ResourceInsufficient | Resources are insufficient. |
| ResourceNotFound | The resource doesn't exist. |
| ResourceUnavailable | The resource is unavailable |
| ResourcesSoldOut | The resources have been sold out. |
| UnauthorizedOperation | The operation is unauthorized. |
| UnknownParameter | The parameter is unknown. |
| UnsupportedOperation | The operation is not supported. |
피드백