CreateVulnerabilityLibraryIssue

This method can be used for the following functionality: Create a vulnerability in AttackForge internal vulnerability library.
Parameters
The following URL, Headers and Parameters are required for requests to this API endpoint. Where a parameter is optional, it will be indicated. Otherwise treat all parameters as mandatory.
Headers
POST /api/ss/library/vulnerability HTTP/1.1
Host: demo.attackforge.com
X-SSAPI-KEY: APIKey
Content-Type: application/json
Connection: close
Query
title (string)
Title for the vulnerability.
Example:
{
   "title": "..."
}
severity (number) (optional)
Severity of the vulnerability. Must be a number between 1 to 10.
Example:
{
   "severity": 10
}
likelihood_of_exploitation (number) (optional)
Likelihood of Exploitation for the vulnerability. Must be a number between 1 to 10.
Example:
{
   "likelihood_of_exploitation": 10
}
impact_on_confidentiality (string) (optional)
Impact on Confidentiality. Must be one of the following: High, Medium, Low, None
Example:
{
   "impact_on_confidentiality": "High"
}
impact_on_integrity (string) (optional)
Impact on Integrity. Must be one of the following: High, Medium, Low, None
Example:
{
   "impact_on_integrity": "High"
}
impact_on_availability (string) (optional)
Impact on Availability. Must be one of the following: High, Medium, Low, None
Example:
{
   "impact_on_availability": "High"
}
description (string)
Description of the vulnerability.
Example:
{
   "description": "..."
}
attack_scenario (string)
Attack Scenario for the vulnerability.
Example:
{
   "attack_scenario": "..."
}
remediation_recommendation (string)
Remediation Recommendation for the vulnerability.
Example:
{
   "remediation_recommendation": "..."
}
tags (array of strings) (optional)
Tags for the vulnerability.
Example:
{
   "tags": ["...", "...", "..."]
}
Example
The following example is a cURL request to create a vulnerability in the library.
Request
Include API Token instead of stars in 'X-SSAPI-KEY: ***************************************' parameter.
curl -X POST 'https://demo.attackforge.com/api/ss/library/vulnerability' -H 'Host: demo.attackforge.com' -H 'X-SSAPI-KEY: ***************************************' -H 'Content-Type: application/json' -H 'Connection: close' -d '{
  "title": "SQL Injection",
  "severity": 10,
  "likelihood_of_exploitation": 10,
  "impact_on_confidentiality": "High",
  "impact_on_integrity": "High",
  "impact_on_availability": "High",
  "description": "Lorem Ipsum...",
  "attack_scenario": "Lorem Ipsum...",
  "remediation_recommendation": "Lorem Ipsum...",
  "tags": ["CWE-89", "Injection"]
}'
Response
Response contains a vulnerability object.
{
   "vulnerability": {
      "vulnerability_id": "...",
      "vulnerability_created": "...",
      "vulnerability_modified": "...",
      "vulnerability_title": "...",
      "vulnerability_severity": 10,
      "vulnerability_likelihood_of_exploitation": 10,
      "vulnerability_impact_on_confidentiality": "High",
      "vulnerability_impact_on_integrity": "High",
      "vulnerability_impact_on_availability": "High",
      "vulnerability_description": "...",
      "vulnerability_attack_scenario": "...",
      "vulnerability_remediation_recommendation": "...",
      "vulnerability_tags": ["...","..."]
   }
}
CreateVulnerabilityBulk
CreateVulnerabilityWithLibrary
Last updated 5 months ago