Developer Guidelines
10.4.2602
Search this version
Developer Guidelines
Developer Guidelines
oAuth APIs
Title
Message
Create new category
What is the title of your new category?
Edit page index title
What is the title of the page index?
Edit category
What is the new title of your category?
Edit link
What is the new title and URL of your link?
Get Vulnerabilities of a Device
Summarize Page
Copy Markdown
Open in ChatGPT
Open in Claude
| API version | 3.2 |
|---|---|
| Last Update | 08/15/2023 |
| Authentication | YES |
| HTTP Method | POST |
| Content Type | application/json |
| Rate limited | YES |
| Requests per rate limit | 10 requests/min |
| Response Format | JSON |
| Change History | Added support for Known Exploited Vulnerabilities |
Use to fetch detected vulnerabilities that are associated to a device
API URL
https://gears.opswat.com/o/api/v3.2/get_cvesRequest Parameters
| Key | Datatype | Parameter Type | Required | Description | Default |
|---|---|---|---|---|---|
| access_token | string | URL | Yes | access token which archived from OAuth authentication step | |
| id | string | Body | Yes | The Device ID or MAC Address of a device you want to fetch vulnerabilities | |
| verbose | int | Body | Optional | 1 - detailed vulnerability information will return in response 0 - response only include CVE IDs, no detailed information | 0 |
| limit | int | Body | Optional | Specific maximum number of vulnerabilities will be returned in the response. The value should be in [1,100]. | 100 |
| page | int | Body | Optional | A page you want to get data | 1 |
| filter | object | Body | Optional | Specify filter criteria | |
| filter.score_type | string | Body | Optional | Specify what score type used to filter along with the field filter.score Value can be: "opswat_score", "cvss2_ score", "cvss3_score" | opswat_score |
| filter.severity | array | Body | Optional | Filter vulnerabilities based on score_type:
| all based on selected score_type |
| filter.kev | int | Body | Optional | 0: Return all CVEs 1: Only return CVEs in the KEV list | 0 |
Response HTTP Code
See details in the Response HTTP Code section in this page
Response Parameters
| Key | DataType | Description |
|---|---|---|
| cve_id | string | CVE ID |
| severity | string | vulnerability severity. Value can be: "critical", "important", "moderate", "low", "unknown", "high", "medium" |
| summary | string | Vulnerability summary |
| update_date | string | The last date NIST updated this vulnerability |
| publish_date | string | The date NIST published this vulnerability |
| opswat_score | string | OPSWAT score |
| cvss2_score | string | CVSS 2 score |
| cvss3_score | number | CVSS 3 score |
| remediation | string | Suggestion to remediate the CVE |
| cwe_id | string | A CWE(Common Weakness Enumeration) group identification string. |
| kev.due_date | string | The due date to fix this vulnerability |
| kev.published_date | string | The date CISA published this vulnerability |
Example
Example Request:
https://gears.opswat.com/o/api/v3.2/get_cves?access_token=XXXXXXXXXXXXXXXXXXXXXXXXXXXXX{ "id": "device_id", "filter": { "severity": ["critical"] }, "page": 1, "limit": 20}Example Response with verbose as OFF
[ { "cve_id": "CVE-2015-8459", "severity": "critical", "opswat_score": 9.6, "cvss2_score": 10, "cvss3_score": 10, "kev": { "due_date": "2023-06-12T00:00:00Z", "published_date": "2023-05-22T00:00:00Z" } }, { "cve_id": "CVE-2004-0629", "severity": "critical", "opswat_score": 5.3, "cvss2_score": 7.5 "cvss3_score": 10, }]Example Response with verbose as ON
[ { "cve_id": "CVE-2007-5341", "severity": "critical", "summary": "Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8.", "cwe_id": "CWE-119", "update_date": "2017-02-17T02:59:08Z", "publish_date": "2017-02-17T02:59:08Z", "opswat_score": 9.0, "cvss2_score": 7.5, "cvss3_score": 9.8, "remediation": "Mozilla Firefox 0.0: Upgrade to a version higher than 2.0.0.7", "kev": { "due_date": "2023-06-12T00:00:00Z", "published_date": "2023-05-22T00:00:00Z" } }, { "cve_id": "CVE-2016-0990", "severity": "critical", "summary": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.", "cwe_id": "", "update_date": "2017-02-17T02:59:08Z", "publish_date": "2017-02-17T02:59:08Z", "opswat_score": 8.1, "cvss2_score": 10.0, "cvss3_score": 9.8, "remediation": "Adobe Flash Player (ActiveX) 10.0.32.18: Upgrade to a version higher than 20.0.0.306" }]History
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Last updated on
Was this page helpful?
Next to read:
Get VulnerabilitiesDiscard Changes
Do you want to discard your current changes and overwrite with the template?
Archive Synced Block
Message
Create new Template
What is this template's title?
Delete Template
Message
