AttackForge Enterprise

GetProjectVulnerabilitiesById

This method can be used for the following functionality: Get all vulnerabilities for a project you have access to, by project identifier (Id).

Parameters

The following URL, Headers and Parameters are required for requests to this API endpoint. Where a parameter is optional, it will be indicated. Otherwise treat all parameters as mandatory.

Headers

GET /api/ss/project/:id/vulnerabilities HTTP/1.1
Host: demo.attackforge.com
X-SSAPI-KEY: APIKey
Content-Type: application/json
Connection: close

Query

id (string)

Identifier for the project.

Example:

GET /api/ss/project/5e48c12ec0376309d73aad71/vulnerabilities HTTP/1.1

startDate (string) (optional)

Start date to query vulnerabilities from, based on creation date. String in YYYY-MM-DD format.

Example:

GET /api/ss/project/5e48c12ec0376309d73aad71/vulnerabilities?startDate=2020-01-01 HTTP/1.1

endDate (string) (optional)

End date to query vulnerabilities to, based on creation date. String in YYYY-MM-DD format.

Example:

GET /api/ss/project/5e48c12ec0376309d73aad71/vulnerabilities?endDate=2020-12-31 HTTP/1.1

priority (string) (optional)

Priority for vulnerabilities returned. Must be one of the following: Critical, High, Medium, Low, Info

Example:

GET /api/ss/project/5e48c12ec0376309d73aad71/vulnerabilities?priority=Critical HTTP/1.1

Example

The following example is a cURL request to get all Critical vulnerabilities on a project created between 1st January 2020 and 31st December 2020.

Request

Include API Token instead of stars in 'X-SSAPI-KEY: ***************************************' parameter.

curl -X GET 'https://demo.attackforge.com/api/ss/project/5e48c12ec0376309d73aad71/vulnerabilities?startDate=2020-01-01&endDate=2020-12-31&priority=Critical' -H 'Host: demo.attackforge.com' -H 'X-SSAPI-KEY: ***************************************' -H 'Content-Type: application/json' -H 'Connection: close'

Response

Response contains an array of vulnerability objects.

{
"count": 999,
"vulnerabilities":[
{
"vulnerability_id": "...",
"vulnerability_created": "...",
"vulnerability_modified": "...",
"vulnerability_title": "...",
"vulnerability_priority": "...",
"vulnerability_status": "...",
"vulnerability_status_updated": "...",
"vulnerability_retest": "...",
"vulnerability_likelihood_of_exploitation": 10,
"vulnerability_steps_to_reproduce": "...",
"vulnerability_steps_to_reproduce_HTML": "...",
"vulnerability_tags": ["...","..."],
"vulnerability_is_zeroday": "...",
"vulnerability_notes": [{"note":"..."},{"note":"..."}],
"vulnerability_description": "...",
"vulnerability_attack_scenario": "...",
"vulnerability_remediation_recommendation": "...",
"vulnerability_remediation_notes": [{"note":"...","created":"...","created_by":"..."}],
"vulnerability_affected_asset_name": "...",
"vulnerability_affected_asset_id": "...",
"vulnerability_affected_asset_library_id": "...",
"vulnerability_affected_asset_library_external_id": "...",
"vulnerability_project_name": "...",
"vulnerability_project_id": "...",
"vulnerability_discovered_by": "...",
"vulnerability_evidence": [{"file_name":"...","file_name_custom":"...","storage_name":"...","file_type":"...","file_size_kb":"..."}]
}
]
}