Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Log in to VINCE.
  2. Go to your User Profile.
  3. Scroll down to "Generate API Key".
  4. Copy they API key to a safe place, you will not be able to access it again. If lost, you need to regenerate a new one.
  5. Use the API key in the headers of your request as shown below.

Image RemovedImage Added

Code Block
languagepy
headers={'Authorization': "Token {}".format(token)}

...

Code Block
languagejs
#API: /vince/comm/api/case/710582/note/ # get draft vul note
{   'content': '### Overview\r\n'
               '\r\n'
               'Testing API so need some content.\r\n'
               '\r\n'
               '\r\n'
               '### Description\r\n'
               '\r\n'
               '### Impact\r\n'
               'The complete impact of this vulnerability is not yet known.\r\n'
               '\r\n'
               '### Solution\r\n'
               'The CERT/CC is currently unaware of a practical solution to '
               'this problem.\r\n'
               '\r\n'
               '### Acknowledgements\r\n'
               'Thanks to the reporter who wishes to remain anonymous.\r\n'
               '\r\n'
               'This document was written by Emily Sarneso.',
    'datefirstpublished': None,
    'dateupdated': '2020-11-17T19:13:07.755453Z',
    'published': False,
    'references': ['www.example.org', 'www.example.com'],
    'revision': 2,
    'title': 'test',
    'vuid': '785701'}

...

Get Vulnerability Advisory in CSAF format 

Code Block
languagepy
#update vendor status# get the vulnerability note, if available
api = f'https://kb.cert.org/vince/comm/api/case/{case}495801/vendorcsaf/statement/'
data headers= [{'vendorcontent-type': 3548, 
	'status':'Not Affected', 
	'references':["http://www.test.gov", "https://www.'application/json', 'Authorization': "Token {}".format(token) }
r = requests.get(api, headers=headers, stream=True)
print(r.text)
Code Block
languagejs
#API: /vince/comm/api/case/495801/csaf/ # get draft vul note {
    "document": {
        "acknowledgments": [
            {
                "urls": [
                    "https://kb.cert.org/vuls/id/495801#acknowledgements"
                ]
            }
        ],
        "category": "CERT/CC Vulnerability Note",
        "csaf_version": "2.0",
        "notes": [
            {
                "category": "summary",
                "text": "### Overview\r\n\r\nVersions 1.1.5 and earlier of the mu HTTP deamon ......",
                "title": "Summary"
            }
        ],
        "publisher": {
            "category": "coordinator",
            "contact_details": "Email: cert@cert.org, Phone: +1412 268 5800",
            "issuing_authority": "CERT/CC under DHS/CISA https://www.cisa.gov/cybersecurity also see https://kb.cert.org/ ",
            "name": "CERT/CC",
            "namespace": "https://kb.cert.org/"
        },
        "references": [
            {
                "url": "https://vuls.cert.org/confluence/display/Wiki/Vulnerability+Disclosure+Policy",
                "summary": "CERT/CC vulnerability disclosure policy"
            },
            {
                "summary": "CERT/CC document released",
                "category": "self",
                "url": "https://kb.cert.org/vuls/id/495801"
            },
            {
                "url": "https://derekabdine.com/blog/2022-arris-advisory",
                "summary": "https://derekabdine.com/blog/2022-arris-advisory"
            },
            {
                "url": "https://www.cisa.gov/uscert/ncas/tips/ST15-002",
                "summary": "https://www.cisa.gov/uscert/ncas/tips/ST15-002"
            }
        ],
        "title": "muhttpd versions 1.1.5 and earlier are vulnerable to path traversal",
        "tracking": {
            "current_release_date": "2022-08-05 20:02:52.605648+00:00",
            "generator": {
                "engine": {
                    "name": "VINCE",
                    "version": "1.50.3"
                }
            },
            "id": "VU#495801",
            "initial_release_date": "2022-08-04 18:22:24.069865+00:00",
            "revision_history": [
                {
                    "date": "2022-08-05 20:02:52.605648+00:00",
                    "number": "1.20220805200252.2",
                    "summary": "Released on 2022-08-05 20:02:52.605648+00:00"
                }
            ],
            "status": "final",
            "version": "1.20220805200252.2"
        }
    },
    "vulnerabilities": [
        {
            "title": "The base firmware for this modem contains an MIT-licensed web server from an individual developer called \"muhttpd.",
            "notes": [
                {
                    "category": "summary",
                    "text": "The base firmware for this modem contains an MIT-licensed web server from an individual developer called \"muhttpd.\" This server has been unmaintained since 2010. The server has a path traversal vulnerability that allows any file on the modem to be read as root"
                }
            ],
            "cve": "CVE-2022-31793",
            "ids": [
                {
                    "system_name": "CERT/CC V Identifier ",
                    "text": "VU#495801"
                }
            ],
            "product_status": {
                "known_not_affected": [
                    "CSAFPID-eb07f774-32d4-11ed-aeca-0aa659cdc35f"
                ]
            }
        }
    ],
    "product_tree": {
        "branches": [
            {
                "category": "vendor",
                "name": "AT&T",
                "product": {
                    "name": "AT&T Products",
                    "product_id": "CSAFPID-eb07f774-32d4-11ed-aeca-0aa659cdc35f"
                }
            },
            {
                "category": "vendor",
                "name": "SaskTel",
                "product": {
                    "name": "SaskTel Products",
                    "product_id": "CSAFPID-eb082dc0-32d4-11ed-aeca-0aa659cdc35f"
                }
            }
        ]
    }
}

Update vendor status

Code Block
languagepy
#update vendor status
api = f'https://kb.cert.org/vince/comm/api/case/{case}/vendor/statement/'
data = [{'vendor': 3548, 
	'status':'Not Affected', 
	'references':["http://www.test.gov", "https://www.google.com"], 
	'share':True,
	'vulnerability':'CVE-2020-19293', 
	'statement': 'This is my statement'}, 
	{'vendor': 3548, 
	'status':'Affected', 
	'statement':"Test", 
	'references':["http://www.test.gov","https://www.google.com"], 
	'share':True,
	'vulnerability':'VU#785701.2'}]
r = requests.post(api, headers=headers, data=json.dumps(data))
print(r.text)

...

Code Block
# lookup CVE-2021-55555 - must have access to case otherwise 404 
api = f'https://kb.cert.org/vince/comm/api/vuls/cve/20212020-5555519293/' 
headers={'content-type':'application/json', 'Authorization': "Token {}".format(token) } 
r = requests.get(api, headers=headers, stream=True) 
print(r.text)

...