Inspector2 / Client / search_vulnerabilities

search_vulnerabilities#

Inspector2.Client.search_vulnerabilities(**kwargs)#

Lists Amazon Inspector coverage details for a specific vulnerability.

See also: AWS API Documentation

Request Syntax

response = client.search_vulnerabilities(
    filterCriteria={
        'vulnerabilityIds': [
            'string',
        ]
    },
    nextToken='string'
)
Parameters:
  • filterCriteria (dict) –

    [REQUIRED]

    The criteria used to filter the results of a vulnerability search.

    • vulnerabilityIds (list) – [REQUIRED]

      The IDs for specific vulnerabilities.

      • (string) –

  • nextToken (string) – A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.

Return type:

dict

Returns:

Response Syntax

{
    'nextToken': 'string',
    'vulnerabilities': [
        {
            'atigData': {
                'firstSeen': datetime(2015, 1, 1),
                'lastSeen': datetime(2015, 1, 1),
                'targets': [
                    'string',
                ],
                'ttps': [
                    'string',
                ]
            },
            'cisaData': {
                'action': 'string',
                'dateAdded': datetime(2015, 1, 1),
                'dateDue': datetime(2015, 1, 1)
            },
            'cvss2': {
                'baseScore': 123.0,
                'scoringVector': 'string'
            },
            'cvss3': {
                'baseScore': 123.0,
                'scoringVector': 'string'
            },
            'cwes': [
                'string',
            ],
            'description': 'string',
            'detectionPlatforms': [
                'string',
            ],
            'epss': {
                'score': 123.0
            },
            'exploitObserved': {
                'firstSeen': datetime(2015, 1, 1),
                'lastSeen': datetime(2015, 1, 1)
            },
            'id': 'string',
            'referenceUrls': [
                'string',
            ],
            'relatedVulnerabilities': [
                'string',
            ],
            'source': 'NVD',
            'sourceUrl': 'string',
            'vendorCreatedAt': datetime(2015, 1, 1),
            'vendorSeverity': 'string',
            'vendorUpdatedAt': datetime(2015, 1, 1)
        },
    ]
}

Response Structure

  • (dict) –

    • nextToken (string) –

      The pagination parameter to be used on the next list operation to retrieve more items.

    • vulnerabilities (list) –

      Details about the listed vulnerability.

      • (dict) –

        Contains details about a specific vulnerability Amazon Inspector can detect.

        • atigData (dict) –

          An object that contains information about the Amazon Web Services Threat Intel Group (ATIG) details for the vulnerability.

          • firstSeen (datetime) –

            The date and time this vulnerability was first observed.

          • lastSeen (datetime) –

            The date and time this vulnerability was last observed.

          • targets (list) –

            The commercial sectors this vulnerability targets.

            • (string) –

          • ttps (list) –

            The MITRE ATT&CK tactics, techniques, and procedures (TTPs) associated with vulnerability.

            • (string) –

        • cisaData (dict) –

          An object that contains the Cybersecurity and Infrastructure Security Agency (CISA) details for the vulnerability.

          • action (string) –

            The remediation action recommended by CISA for this vulnerability.

          • dateAdded (datetime) –

            The date and time CISA added this vulnerability to their catalogue.

          • dateDue (datetime) –

            The date and time CISA expects a fix to have been provided vulnerability.

        • cvss2 (dict) –

          An object that contains the Common Vulnerability Scoring System (CVSS) Version 2 details for the vulnerability.

          • baseScore (float) –

            The CVSS v2 base score for the vulnerability.

          • scoringVector (string) –

            The scoring vector associated with the CVSS v2 score.

        • cvss3 (dict) –

          An object that contains the Common Vulnerability Scoring System (CVSS) Version 3 details for the vulnerability.

          • baseScore (float) –

            The CVSS v3 base score for the vulnerability.

          • scoringVector (string) –

            The scoring vector associated with the CVSS v3 score.

        • cwes (list) –

          The Common Weakness Enumeration (CWE) associated with the vulnerability.

          • (string) –

        • description (string) –

          A description of the vulnerability.

        • detectionPlatforms (list) –

          Platforms that the vulnerability can be detected on.

          • (string) –

        • epss (dict) –

          An object that contains the Exploit Prediction Scoring System (EPSS) score for a vulnerability.

          • score (float) –

            The Exploit Prediction Scoring System (EPSS) score.

        • exploitObserved (dict) –

          An object that contains details on when the exploit was observed.

          • firstSeen (datetime) –

            The date an time when the exploit was first seen.

          • lastSeen (datetime) –

            The date an time when the exploit was last seen.

        • id (string) –

          The ID for the specific vulnerability.

        • referenceUrls (list) –

          Links to various resources with more information on this vulnerability.

          • (string) –

        • relatedVulnerabilities (list) –

          A list of related vulnerabilities.

          • (string) –

        • source (string) –

          The source of the vulnerability information. Possible results are RHEL, AMAZON_CVE, DEBIAN or NVD.

        • sourceUrl (string) –

          A link to the official source material for this vulnerability.

        • vendorCreatedAt (datetime) –

          The date and time when the vendor created this vulnerability.

        • vendorSeverity (string) –

          The severity assigned by the vendor.

        • vendorUpdatedAt (datetime) –

          The date and time when the vendor last updated this vulnerability.

Exceptions