/ DOCS
nav-img
Advanced

Querying the Servers Affected by a Vulnerability

Function

This API is used to query the servers affected by a vulnerability.

URI

GET /v5/{project_id}/vulnerability/hosts

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID.

Table 2 Query Parameters

Parameter

Mandatory

Type

Description

enterprise_project_id

No

String

Enterprise project ID. The value 0 indicates the default enterprise project. To query all enterprise projects, set this parameter to all_granted_eps.

vul_id

Yes

String

Vulnerability ID

type

Yes

String

Operation type. The options are as follows:

-linux_vul: Linux vulnerability

-windows_vul: Windows vulnerability

-web_cms: Web-CMS vulnerability

-app_vul: application vulnerability

-urgent_vul: emergency vulnerability

host_name

No

String

Name of the affected server

host_ip

No

String

IP address of the affected server

status

No

String

Vulnerability status.

  • vul_status_unfix: not fixed

  • vul_status_ignored: ignored

    • vul_status_verified: verification in progress

    • vul_status_fixing: The fix is in progress.

    • vul_status_fixed: The fix succeeded.

    • vul_status_reboot: The issue is fixed and waiting for restart.

    • vul_status_failed: The issue failed to be fixed.

    • vul_status_fix_after_reboot: Restart the server and try again.

limit

No

Integer

Number of records on each page

offset

No

Integer

Offset, which specifies the start position of the record to be returned.

asset_value

No

String

Asset importance

important

common

test

group_name

No

String

Server group name

handle_status

No

String

description: |-

Handling status. The options are as follows:

- unhandled

- handled

severity_level

No

String

Risk level. The value can be Critical, High, Medium, or Low.

is_affect_business

No

Boolean

Indicates whether services are affected. The value can be y or n.

repair_priority

No

String

Fixing priority. The options are as follows:

  • Critical:

  • High

  • Medium

  • Low

Request Parameters

Table 3 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

Response Parameters

Status code: 200

Table 4 Response body parameters

Parameter

Type

Description

total_num

Integer

Number of affected servers

data_list

Array of VulHostInfo objects

List of affected ECSs

Table 5 VulHostInfo

Parameter

Type

Description

host_id

String

ID of the server affected by the vulnerability

severity_level

String

Risk level.

  • Critical: The CVSS score of the vulnerability is greater than or equal to 9, corresponding to the high risk level on the console.

  • High: The CVSS score of the vulnerability is greater than or equal to 7 and less than 9, corresponding to the medium risk level on the console.

  • Medium: The CVSS score of the vulnerability is greater than or equal to 4 and less than 7, corresponding to the medium risk level on the console.

  • Low: The CVSS score of the vulnerability is less than 4, corresponding to the low risk level on the console.

host_name

String

Name of the affected server

host_ip

String

IP address of the affected server

agent_id

String

Agent ID

version

String

The quota version bound to the server

cve_num

Integer

Number of vulnerability CVEs

cve_id_list

Array of strings

The CVE ID list corresponding to the vulnerability

status

String

Vulnerability status.

  • vul_status_unfix: not fixed

  • vul_status_ignored: ignored

  • vul_status_verified: verification in progress

  • vul_status_fixing: The fix is in progress.

  • vul_status_fixed: The fix succeeded.

  • vul_status_reboot: The issue is fixed and waiting for restart.

  • vul_status_failed: The issue failed to be fixed.

  • vul_status_fix_after_reboot: Restart the server and try again.

repair_cmd

String

Command line to be executed to fix the vulnerability (This field is available only for Linux vulnerabilities.)

app_path

String

Path of the application software (This field is available only for application vulnerabilities.)

region_name

String

Region

public_ip

String

Server public IP address

private_ip

String

Server private IP address

group_id

String

Server group ID

group_name

String

Server group name

os_type

String

Operating system (OS)

asset_value

String

Asset importance. The options are as follows:

  • important

  • common

  • test

is_affect_business

Boolean

Whether services are affected

first_scan_time

Long

First scan time

scan_time

Long

Scanning time, in ms.

support_restore

Boolean

Indicates whether data can be rolled back to the backup created when the vulnerability was fixed.

disabled_operate_types

Array of disabled_operate_types objects

List of operation types of vulnerabilities that cannot be performed on the current server.

repair_priority

String

Fixing priority. The options are as follows:

  • Critical

  • High

  • Medium

  • Low

Table 6 disabled_operate_types

Parameter

Type

Description

operate_type

String

Operation type.

  • ignore

  • not_ignore (unignore)

  • immediate_repair

  • manual_repair

  • verify

  • add_to_whitelist

reason

String

Indicates the reason why the operation cannot be performed.

Example Requests

Query the first 10 records in the list of servers with EulerOS-SA-2021-1894 vulnerability.

GET https://{endpoint}/v5/2b31ed520xxxxxxebedb6e57xxxxxxxx/vulnerability/hosts?vul_id=EulerOS-SA-2021-1894&offset=0&limit=10

Example Responses

Status code: 200

Request succeeded.

{
  "total_num" : 1,
  "data_list" : [ {
    "host_id" : "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "severity_level" : "Low",
    "host_name" : "ecs",
    "host_ip" : "xxx.xxx.xxx.xxx",
    "agent_id" : "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "version" : "hss.version.enterprise",
    "cve_num" : 1,
    "cve_id_list" : [ "CVE-2022-1664" ],
    "status" : "vul_status_ignored",
    "repair_cmd" : "zypper update update-alternatives",
    "app_path" : "/root/apache-tomcat-8.5.15/bin/bootstrap.jar",
    "support_restore" : true,
    "disabled_operate_types" : [ {
      "operate_type" : "immediate_repair",
      "reason" : "The kernel vulnerability of CCE container node cannot be automatically fixed."
    } ],
    "repair_priority" : "Critical"
  } ]
}

Status Codes

Status Code

Description

200

Request succeeded.

Error Codes

Parent topic: Vulnerability Management
Предыдущая статья
Exporting Information About Vulnerabilities and Their Affected Servers
Следующая статья
Changing the Status of a Vulnerability
Была ли эта статья полезна?
Поддержка Юридические документы
© 2025 Cloud.ru