Vulnerability APIs
This topic describes the REST APIs for the vulnerabilities in BMC Helix Automation Console.
The base URL for the API is: https://<serverName>/api/v1/violations
POST/api/v1/violations/search/vulnerabilities
Creates all assets.
Request body: No parameters
Sample request
"filters": {
"asset_name": [
"Asset Test 1",
"Asset Test 2"
],
"os_type": [
"Windows",
"Linux"
],
"cve_ids": [
"CVE-2014-3596",
"CVE-2014-3593"
],
"severity": [
"1",
"2",
"3",
"4",
"5"
],
"violation_name": "Violation Test 1",
"policy": "d41cedbb-a981-4a46-b658-29a5a38370c9",
"vat_state": [
3,
4,
5,
6,
7,
8
],
"search_text": "NetBIOS Name Accessible"
},
"pagesize": 0,
"limit": 0
}
Responses
Code | Description |
200 | OK |
204 | |
401 | Unauthorized |
500 | Internal Server Error |
Sample response
"summary": [
{
"id": "cd41cedbb-a981-4a46-b658-29a5a3837077",
"name": "Red Hat Update for procmail (RHSA-2014-1172)",
"impacted_targets": "40",
"cve_ids": "CVE-2014-3596, CVE-2014-3593",
"severity": "CRITICAL,HIGH,MEDIUM or LOW",
"classification": "security",
"unique_id": "30",
"type": "vulnerability",
"properties": {
"consequence": "Please contact helpdesk for more details",
"solution": "We are not currently aware of any fixes for this issue.",
"vendor": "Qualys",
"elaboration": "Created Using BSA Appserver: b01 Applicable to Patch OS Type:Unknown."
},
"source_type": "Qualys",
"state": "CREATED",
"remediation_details": [
{
"id": "123",
"name": "123"
}
],
"remediation_type": [
"patch"
]
}
],
"total_record": "1000"
}
POST/api/v1/violations/search/vats
Creates all vats.
Request body: No parameters
Sample request
"filters": {
"asset_name": [
"Asset Test 1",
"Asset Test 2"
],
"os": [
"Windows",
"Linux"
],
"cve_ids": [
"CVE-2014-3596",
"CVE-2014-3593"
],
"severity": [
"1",
"2",
"3",
"4",
"5"
],
"violation_name": "Violation Test 1",
"policy": "d41cedbb-a981-4a46-b658-29a5a38370c9",
"vat_state": [
3,
4,
5,
6,
7,
8
],
"search_text": "NetBIOS Name Accessible"
},
"pagesize": 0,
"limit": 0
}
Responses
Code | Description |
200 | OK |
204 | |
401 | Unauthorized |
500 | Internal Server Error |
Sample response
"summary": [
{
"vat_id": "cd41cedbb-a981-4a46-b658-29a5a3837077",
"asset_name": "clm-pun-01234",
"em_asset_name": "172.100.12.14",
"content": {
"name": "string",
"path": "string",
"content_type": "string",
"content_id": "string",
"properties": [
{
"name": "string",
"value": "string"
}
]
}
}
],
"total_record": "1000"
}
POST/api/v1/violations/auto-map
Maps vulnerabilities with remediation content for all the specified cveids.
Request body: No parameters
Sample request
"cve_ids": [
"CVE-2012-0174",
"CVE-2015-2426"
]
}
Responses
Code | Description |
200 | OK |
204 | |
401 | Unauthorized |
500 | Internal Server Error |
put/api/v1/violations/manual-map/{id}
Manually maps the remediation content to the specified vulnerability.
Request body
Parameter | Description |
|---|---|
id |
Sample request
"evaluate_rules": true,
"remediation_artifacts": [
{
"content": {
"content_id": "123",
"name": "Test nsh script",
"path": "depo\\scripts",
"content_type": "NSHScript",
"properties": [
{}
]
},
"is_and_condition": true,
"conditions": [
{
"property_name": "OS | OS_PLATFORM | OS_VERSION | OS_PATCH_LEVEL | OS_VENDOR | OS_RELEASE",
"property_value": "LINUX | LINUX | 11 | 3 | SUSE | 11.2",
"operator": "contains"
}
]
}
]
}
Responses
Code | Description |
200 | OK |
401 | Unauthorized |
404 | Not Found |
500 | Internal Server Error |
DELETE/api/v1/violations/unmap{id}
Removes the mapped remediation contents for the vulnerability.
Request body
Parameter | Description |
id |
Responses
Code | Description |
200 | OK |
404 | Error |