Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3541
Views
0
Helpful
1
Replies

Cisco PSIRT Python openVulnQuery script errors

MikeS_Net
Level 1
Level 1

‎01-07-2019 12:51 PM

Hi, I am working on a python script to iterate over a list of models and versions and query Cisco PSIRT using openVulnQuery to return the recommended version of IOS and relevant vulnerabilities. I have registered for API access and have a username/password but my code is not working. 

 

#!/usr/bin/env python
from openVulnQuery import query_client

query_client = query_client.OpenVulnQueryClient(client_id='my_id',
client_secret='my_secret')

#test = query_client.get_by_severity(adv_format="cvrf")
#filter1 = query_client.FirstPublished('2018-12-01', '2018-12-18')
#advisories = client.get_by_all(adv_format='cvrf', all_adv='all', a_filter=filter1)
advisories = query_client.get_by_year(year=2010, adv_format='cvrf')
advisories = query_client.get_by_ios_xe('ios', '3.16.1S')
print(advisories)

 

I during development I received some errors:

  • $ ./getVuln.py
    Traceback (most recent call last):
    File "./getVuln.py", line 7, in <module>
    test = query_client.get_by_severity(adv_format="cvrf")
    TypeError: get_by_severity() takes at least 3 arguments (2 given)

Unable to find any documentation about what arguments it is looking for.

 

Then I would get a KeyError:

  • $ ./getVuln.py
    Traceback (most recent call last):
    File "./getVuln.py", line 10, in <module>
    advisories = query_client.get_by_year(year=2010, adv_format='cvrf')
    File "/home/ms/.local/lib/python2.7/site-packages/openVulnQuery/_library/query_client.py", line 122, in get_by_year
    return self.advisory_list(advisories['advisories'], adv_format)
    File "/home/ms/.local/lib/python2.7/site-packages/openVulnQuery/_library/query_client.py", line 223, in advisory_list
    for adv in advisories]
    File "/home/ms/.local/lib/python2.7/site-packages/openVulnQuery/_library/advisory.py", line 130, in advisory_factory
    adv_map[k] = adv_data[v]
    KeyError: 'iosRelease'

I tried with python 2 and 3 with similar results. I am not sure how to proceed so if anyone has working code that I can stare and compare with I would appreciate your help. It seems like the KeyError issue is referring to issues within the openVulnQuery libraries themselves but I am not sure. 

 

I am just learning Python so I apologize if this is simple...

 

Thank you

 

0 Helpful
1 Reply 1

Omar Santos
Cisco Employee
Cisco Employee

‎01-20-2019 08:05 PM

Try a couple of things:

1. Change:

adv_format='cvrf'

to:

adv_format='default'

...we tool the cvrf and oval statement requirements a while back

2. Make sure that you are running the latest version of the openVulnQuery client (v1.30)

 

 

└──╼ #pip show openVulnQuery
Name: OpenVulnQuery
Version: 1.30
Summary: A python-based module(s) to query the Cisco PSIRT openVuln API.
Home-page: https://github.com/CiscoPSIRT/openVulnAPI/tree/master/openVulnQuery
Author: Omar Santos
Author-email: os@cisco.com
License: The MIT License (MIT)
Location: /opt/conda/lib/python3.7/site-packages
Requires: requests, argparse

 

0 Helpful
Customers Also Viewed These Support Documents