Vulnerability Group REST API - experimental

NEW IN RELEASE 152

Vulnerability Group REST API is currently an experimental API.

The Vulnerability Group REST API allows you to group multiple vulnerability IDs (CVEs and Sonatype vulnerability IDs) into custom vulnerability group names. These group names can be used to set up policy constraints.

User Permissions Required to Invoke this API call

  • Edit IQ Elements

Methods supported:

  1. POST
  2. DELETE
  3. GET

POST

You can create new custom vulnerability groups, by making an authenticated HTTP POST request:

POST /api/experimental/vulnerability/group/{ownerType: application|organization}/{ownerId}

where {ownerType: application|organization} is an owner type and {ownerId} is an owner identification.

Example:

curl -u admin:admin123 -X POST -H "Content-Type: application/json" -d '{"groupName":"Group CVE fix", "ownerId":"ROOT_ORGANIZATION_ID", "vulnerabilityIds":["CVE-2021-21350","CVE-2021-21342"]}' 'http://localhost:8070/api/experimental/vulnerability/group/organization/ROOT_ORGANIZATION_ID'

where Group CVE fix is the custom group name containing vulnerabilities CVE-2021-21350 and CVE-2021-21342.

Response:

Returns the ID of the created Vulnerability Group:

bd40c64b493042f9944d73ac3241fab7

You can update the name of an existing vulnerability group by making an authenticated HTTP POST request:

POST /api/experimental/vulnerability/group/{ownerType: application|organization}/{ownerId}

Where {ownerType: application|organization} is an owner type and {ownerId} is an owner identification.

Example:

curl -u admin:admin123 -X POST -H "Content-Type: application/json" -d '{"vulnerabilityGroupId":"bd40c64b493042f9944d73ac3241fab7", "groupName":"Group CVE fix updated", "ownerId":"ROOT_ORGANIZATION_ID", "vulnerabilityIds":["CVE-2021-21350","CVE-2021-21342"]}' 'http://localhost:8070/api/experimental/vulnerability/group/organization/ROOT_ORGANIZATION_ID'

where Group CVE fix updated is the new name for the vulnerability group.

Response:

Returns the ID of the updated Vulnerability Group:

bd40c64b493042f9944d73ac3241fab7

DELETE

You can delete an existing vulnerability group by making an authenticated HTTP DELETE request:

DELETE /api/experimental/vulnerability/group/{ownerType: application|organization}/{ownerId}/{vulnerabilityGroupId}

where {ownerType: application|organization} is an owner type, {ownerId} is an owner identification, and {vulnerabilityGroupId} is the ID of the vulnerability group to delete.

Example:

curl -u admin:admin123 -X DELETE 'http://localhost:8070/api/experimental/vulnerability/group/organization/ROOT_ORGANIZATION_ID/bd40c64b493042f9944d73ac3241fab7'

Where bd40c64b493042f9944d73ac3241fab7 is the vulnerability group ID to be deleted.

Response:

Returns HTTP 204 code.

GET

You can retrieve data for an existing vulnerability group by making an authenticated HTTP GET request and using the vulnerability group name:

GET /api/experimental/vulnerability/group/{ownerType: application|organization}/{ownerId}/name/{groupName}

Where {ownerType: application|organization} is an owner type, {ownerId} is an owner identification, and {groupName} is the name of the vulnerability group.

Example:

curl -u admin:admin123 -X GET 'http://localhost:8070/api/experimental/vulnerability/group/organization/ROOT_ORGANIZATION_ID/name/Group%20CVE%20fix'

Where the existing vulnerability group name is Group CVE fix.

Response:

Returns a JSON of the following structure (the JSON below is an example and does not contain proprietary data):

{
  "vulnerabilityGroupId": "bd40c64b493042f9944d73ac3241fab7",
  "groupName": "Group CVE fix",
  "vulnerabilityIds": [
    "CVE-2021-21350",
    "CVE-2021-21342"
  ],
  "ownerId": "ROOT_ORGANIZATION_ID"
}

You can retrieve data for an existing vulnerability group by making an authenticated HTTP GET request and using the vulnerability group ID:

GET /api/experimental/vulnerability/group/{ownerType: application|organization}/{ownerId}/{vulnerabilityGroupId}

Where {ownerType: application|organization} is an owner type,  {ownerId} is an owner identification, and {vulnerabilityGroupId} is the ID of the Vulnerability Group to retrieve.

Example:

curl -u admin:admin123 -X GET 'http://localhost:8070/api/experimental/vulnerability/group/organization/ROOT_ORGANIZATION_ID/bd40c64b493042f9944d73ac3241fab7'

Where bd40c64b493042f9944d73ac3241fab7 is the vulnerability group ID.

Response:

Returns a JSON of the following structure (the JSON below is an example and does not contain proprietary data):

{
  "vulnerabilityGroupId": "bd40c64b493042f9944d73ac3241fab7",
  "groupName": "Group CVE fix",
  "vulnerabilityIds": [
    "CVE-2021-21350",
    "CVE-2021-21342"
  ],
  "ownerId": "ROOT_ORGANIZATION_ID"
}

You can retrieve data for all existing vulnerability groups created by a specific owner, by making an authenticated HTTP GET request and using the owner ID:

GET /api/experimental/vulnerability/group/{ownerType: application|organization}/{ownerId}/list

Where {ownerType: application|organization} is an owner type and  {ownerId} is an owner identification.

Example:

curl -u admin:admin123 -X GET 'http://localhost:8070/api/experimental/vulnerability/group/organization/ROOT_ORGANIZATION_ID/list'

Where ROOT_ORGANIZATION_ID is the ownerID under which the vulnerability groups are created.

Response:

Returns a JSON of the following structure containing all vulnerability groups under the owner ID ROOT_ORGANIZATION_ID.

(This is an example and does not contain proprietary data.)

[
  {
    "vulnerabilityGroupId": "19b5794c82a148a9a89b8b31306f7875",
    "groupName": "Group 1",
    "vulnerabilityIds": [
      "CVE-2021-21350",
      "CVE-2021-21342"
    ],
    "ownerId": "ROOT_ORGANIZATION_ID"
  },
  {
    "vulnerabilityGroupId": "bd40c64b493042f9944d73ac3241fab7",
    "groupName": "Group CVE fix",
    "vulnerabilityIds": [
      "CVE-2021-21350",
      "CVE-2021-21342"
    ],
    "ownerId": "ROOT_ORGANIZATION_ID"
  }
]