Third Party Vulnerability

Get Third Party Vulnerability Information for a customer in PDF/JSON/CSV format

Get Third Party Vulnerability Information

GET https://k2io.net/centralmanager/api/v1/download/application/vulnerability/{K2_CUSTOMER_ID}

This endpoint returns third party vulnerability information in JSON, PDF or CSV format. Note: if you are using the K2 On-Premises Portal, replace https://k2io.net in the API URL with the elastic IP address of your K2 On-Premises Cluster.

Path Parameters

| Name | Type | Description |
| --- | --- | --- |
| K2_CUSTOMER_ID | integer | customerId of the customer, e.g. 533. It can be obtained from the customer profile on the K2 Portal. |

Query Parameters

| Name | Type | Description |
| --- | --- | --- |
| startTime | integer | startTime of the attacks (time duration field, in milliseconds), e.g. 1619503221323. |
| endTime | integer | endTime of the attacks (time duration field, in milliseconds), e.g. 1631691905000. |
| fileType | string | Download file type: csv, json or pdf, e.g. csv. |
| severityType | string | Filter to get vulnerability info of particular severity levels. Comma-separated values, e.g. CRITICAL%2CHIGH. |
| filtredApplicationPattern | string | Filter to get vulnerability info of a particular application, e.g. ForkExec-Demo. |
| applicationUUID | string | Filter to get vulnerability info of a particular server on the basis of its unique serverId, e.g. 74138551-d12f-40db-ac03-c25c98ee92f3. |
| applicationSha256 | string | Filter to get vulnerability info of a particular application on the basis of the application's sha256, e.g. 8939b01b7ea6994eb456d8537cbe2dc192cc4b8b989b033c26cbf836b1f528ea. |
| cve | string | Filter to get vulnerability info of particular CVEs. Comma-separated values, e.g. CVE-2017-13098%2CCVE-2018-1000613. |

Headers

| Name | Type | Description |
| --- | --- | --- |
| K2_API_ACCESSOR_TOKEN | string | K2 API Accessor token, obtained from the Accounts section of the K2 Portal, e.g. 5b2bf1fa-f4e1-daf9-a787-bd5eXXXXXXXX. |

Query Param Possible Values

severityType

[ "CRITICAL", "HIGH", "LOW", "MEDIUM", "NEGLIGIBLE", "UNKNOWN", "MODERATE" ]

cve

[ "CVE-2017-13098", "CVE-2018-1000613", "CVE-2014-9356" ]

cURL Example

curl --location --request GET "https://k2io.net/centralmanager/api/v1/download/application/vulnerability/${K2_CUSTOMER_ID}?startTime=${START_TIME}&endTime=${END_TIME}&fileType=${DOWNLOAD_FILE_TYPE}" --header "K2_API_ACCESSOR_TOKEN: ${YOUR_K2_API_ACCESSOR_TOKEN}"

For example:

curl --location --request GET 'https://k2io.net/centralmanager/api/v1/download/application/vulnerability/533?startTime=0&endTime=1617297401705&fileType=pdf' --header 'K2_API_ACCESSOR_TOKEN: 5b2bf1fa-f4e1-daf9-a787-bd5eXXXXXXXX'

Responses

The following sections show the kinds of response returned by the Third Party Vulnerability API.

JSON

{
    "draw": null,
    "recordsFiltered": 1,
    "recordsTotal": 1,
    "data": [
        {
            "severity": "HIGH",
            "cve": "CVE-2017-5637",
            "componentSha256": "d47d35b9a10af53b7967ff4851bff832778539eed1e43fae6bfcb1f13576bdf5",
            "packageId": "",
            "description": "Two four letter word commands \"wchp/wchc\" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests. Apache ZooKeeper thru version 3.4.9 and 3.5.2 suffer from this issue, fixed in 3.4.10, 3.5.3, and later.",
            "timestamp": 1618843675319,
            "applicationSHA": "f0e4dfc6049ec500647b0f8de067e568136652bcc9509cb377048f26c89023c3",
            "applicationUUID": "2bf85fc2-cd1f-458e-87ac-0d756b99f4f2",
            "component": "zookeeper-3.4.8.jar"
        }
    ]
}
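
As an added example (not K2's own code), the Python sketch below builds the same request as the cURL example with the comma-separated filters URL-encoded, takes the token from an environment variable, and orders the JSON findings most severe first. The function names build_request and triage and the severity ranking are assumptions made for this example.

```python
import json
import os
import urllib.parse
import urllib.request

BASE_URL = "https://k2io.net"  # on-premises: replace with your cluster address
API_PATH = "/centralmanager/api/v1/download/application/vulnerability/{cid}"
# Assumed ranking of the documented severityType values (the page gives no order).
SEVERITIES = ("CRITICAL", "HIGH", "MODERATE", "MEDIUM", "LOW", "NEGLIGIBLE", "UNKNOWN")


def build_request(customer_id, token, start_ms, end_ms, file_type="json",
                  severities=(), cves=(), base_url=BASE_URL):
    """Build the GET request; list filters are comma-joined, then URL-encoded."""
    if file_type not in ("csv", "json", "pdf"):
        raise ValueError(f"unsupported fileType: {file_type}")
    bad = [s for s in severities if s not in SEVERITIES]
    if bad:
        raise ValueError(f"unknown severityType value(s): {bad}")
    if not 0 <= start_ms <= end_ms:
        raise ValueError("startTime/endTime are milliseconds, with start <= end")
    params = {"startTime": start_ms, "endTime": end_ms, "fileType": file_type}
    if severities:
        params["severityType"] = ",".join(severities)
    if cves:
        params["cve"] = ",".join(cves)
    # int() keeps the path segment numeric; urlencode turns "," into %2C.
    url = (base_url.rstrip("/") + API_PATH.format(cid=int(customer_id))
           + "?" + urllib.parse.urlencode(params))
    return urllib.request.Request(url, headers={"K2_API_ACCESSOR_TOKEN": token})


def triage(report):
    """Return findings as (severity, cve, component, applicationUUID), worst first."""
    rank = {name: i for i, name in enumerate(SEVERITIES)}
    rows = [(f.get("severity", "UNKNOWN"), f.get("cve", ""), f.get("component", ""),
             f.get("applicationUUID", "")) for f in report.get("data", [])]
    return sorted(rows, key=lambda r: (rank.get(r[0], len(rank)), r[1]))


if __name__ == "__main__":
    # The token is read from the environment, not from source or shell history.
    req = build_request(533, os.environ["K2_API_ACCESSOR_TOKEN"],
                        0, 1617297401705, severities=("CRITICAL", "HIGH"))
    with urllib.request.urlopen(req, timeout=30) as resp:
        for row in triage(json.load(resp)):
            print(*row, sep="\t")
```

For fileType csv or pdf, write resp.read() to a file instead of passing the response to json.load.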

CSV

CSV Response Returned By the Third Party Vulnerability API

PDF

PDF Response Returned by the Third Party Vulnerability API

Accessing Third Party Vulnerability Scan API Data On K2 Portal

You can access the data reported by the Third Party Vulnerability Scan API on the K2 Portal by using the link below.

Use the Advanced Filter to get filtered data.

Third Party Vulnerability Scan | K2 Portal
