Deployment Task 

This is for customer who wants to obtain a list of images that contain a specific CVE reference 


Deployment Steps 

There is an API call for getting all images that contain a certain vulnerability (CVE).   

 

After sending a POST request to login to your Aqua instance, run the following command. 

 

http://<YourAquaInstanceHostnameOrIP>:8080/api/v2/risks/vulnerabilities?include_vpatch_info=true&show_negligible=true&page=1&pagesize=50&skip_count=true&text_search=CVE-<Year>-<CVE Number> 

 
Example Execution 

 

 

Using Linux/Windows CuRL command and creds.json containing id/pw. 

 

$ cat creds.json 

{ 

"id": "administrator", 

"password": "Password1" 

} 

Our POST/Authentication call to obtain bearer token 

$ curl -i -X POST -H "Content-Type:application/json" -d @creds.json http://aqua-host:8080/api/v1/login 

HTTP/1.1 200 OK 

Cache-Control: no-cache, no-store, must-revalidate, max-age=0 

Content-Type: application/json; charset=UTF-8 

X-Content-Type-Options: nosniff 

X-Frame-Options: SAMEORIGIN 

X-Xss-Protection: 1; mode=block 

Date: Mon, 18 Nov 2019 12:58:46 GMT 

Content-Length: 749 

  

{"token":"eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NzQxMTQzMjYsImZpcnN0X3RpbWUiOmZhbHNlLCJpYXQiOjE1NzQwODE5MjYsIm5hbWUiOiJhZG1pbmlzdHJhdG9yIiwib3V0c2lkZV9hdXRoIjpmYWxzZSwicm9sZXMiOlsiQWRtaW5pc3RyYXRvciJdLCJzdWIiOiJhZG1pbmlzdHJhdG9yIn0.M_oKQugSCBAYPMgCny4DfCfk7s2-aygemafwo6-rVe11kZuQIBu1heE6zYeg206N0PrqWgd0rV40nb_Gyd54XOwwK7hUYy1bysv864A0B7eeMYJWEc8wqMb7gu4tq9Ymrq8dlh9CPiYIjc_t4v5AgFBjgMCwJ-y57PKZ2W9tn40l8nlVE1DsJAEpfi3llSCWcpP75prwLyBLFZ2j0X7-2Q-zSu1e3pfwMbCrv8GLS31vYpCZYRZXxkRyISllYB7AryF9ths3CSdKm7l4PVQVNm0pmAqAUfzV9oAcj4UuGanWYCpFt8k4J2C6FLmSFw6hYvcLIPHmH_xijaFwpdafwQ","user":{"id":"administrator","name":"administrator","role":"Administrator","first_time":false,"is_super":true,"ui_access":true,"actions":{}},"license_type":"POC"} 

 

Create an environment variable called ‘token’ for the bearer token using export token="eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NzQxMTQzMjYsImZpcnN0X3RpbWUiOmZhbHNlLCJpYXQiOjE1NzQwODE5MjYsIm5hbWUiOiJhZG1pbmlzdHJhdG9yIiwib3V0c2lkZV9hdXRoIjpmYWxzZSwicm9sZXMiOlsiQWRtaW5pc3RyYXRvciJdLCJzdWIiOiJhZG1pbmlzdHJhdG9yIn0.M_oKQugSCBAYPMgCny4DfCfk7s2-aygemafwo6-rVe11kZuQIBu1heE6zYeg206N0PrqWgd0rV40nb_Gyd54XOwwK7hUYy1bysv864A0B7eeMYJWEc8wqMb7gu4tq9Ymrq8dlh9CPiYIjc_t4v5AgFBjgMCwJ-y57PKZ2W9tn40l8nlVE1DsJAEpfi3llSCWcpP75prwLyBLFZ2j0X7-2Q-zSu1e3pfwMbCrv8GLS31vYpCZYRZXxkRyISllYB7AryF9ths3CSdKm7l4PVQVNm0pmAqAUfzV9oAcj4UuGanWYCpFt8k4J2C6FLmSFw6hYvcLIPHmH_xijaFwpdafwQ" 

 

Run the API using the bearer token.  

 

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current 

                                 Dload  Upload   Total   Spent    Left  Speed 

100  5049    0  5049    0     0   249k      0 --:--:-- --:--:-- --:--:--  259k 

{ 

  "count": 0, 

  "page": 1, 

  "pagesize": 50, 

  "result": [ 

    { 

      "registry": "Docker Hub", 

      "image_repository_name": "amd64/node", 

      "image_name": "amd64/node:12.5.0-slim", 

      "image_digest": "19d9de7764eab4f7cebc5221c8447bd6e70ba810b6e9560db6588232c2f36cfb", 

      "referenced_vulnerabilities": null, 

      "resource": { 

        "type": "package", 

        "format": "deb", 

        "path": "", 

        "name": "curl", 

        "version": "7.52.1-5+deb9u9", 

        "arch": "amd64", 

        "cpe": "pkg:/debian:9:curl:7.52.1-5+deb9u9", 

        "licenses": null, 

        "hash": "" 

      }, 

      "name": "CVE-2019-5436", 

      "description": "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.", 

      "publish_date": "2019-05-28", 

      "modification_date": "2019-06-09", 

      "vendor_severity": "negligible", 

      "vendor_cvss2_score": 0, 

      "vendor_cvss2_vectors": "", 

      "vendor_cvss3_severity": "high", 

      "vendor_cvss3_score": 7.8, 

      "vendor_cvss3_vectors": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", 

      "vendor_statement": "Minor issue, can be fixed along in next DSA\nhttps://curl.haxx.se/docs/CVE-2019-5436.html\nIntroduced by: https://github.com/curl/curl/commit/0516ce7786e95\nFixed by: https://github.com/curl/curl/commit/2576003415625d7b5f0e390902f8097830b82275", 

      "nvd_severity": "medium", 

      "nvd_cvss2_score": 4.6, 

      "nvd_cvss2_vectors": "AV:L/AC:L/Au:N/C:P/I:P/A:P", 

      "nvd_cvss3_severity": "high", 

      "nvd_cvss3_score": 7.8, 

      "nvd_cvss3_vectors": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", 

      "fix_version": "", 

      "solution": "", 

      "classification": "The operating system vendor has classified the issue as a bug rather than a security issue, therefore the vulnerability has been classified as having negligible severity", 

      "qualys_ids": null, 

      "aqua_score": 0, 

      "aqua_severity": "negligible", 

      "aqua_vectors": "", 

      "aqua_scoring_system": "CVSS V2" 

    }, 

    { 

      "registry": "Docker Hub", 

      "image_repository_name": "amd64/node", 

      "image_name": "amd64/node:slim", 

      "image_digest": "5f723c4f676517f36001422ee70c3b0eecff1a2caa859be75df41421822d7aae", 

      "referenced_vulnerabilities": null, 

      "resource": { 

        "type": "package", 

        "format": "deb", 

        "path": "", 

        "name": "curl", 

        "version": "7.52.1-5+deb9u9", 

        "arch": "amd64", 

        "cpe": "pkg:/debian:9:curl:7.52.1-5+deb9u9", 

        "licenses": null, 

        "hash": "" 

      }, 

      "name": "CVE-2019-5436", 

      "description": "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.", 

      "publish_date": "2019-05-28", 

      "modification_date": "2019-06-09", 

      "vendor_severity": "negligible", 

      "vendor_cvss2_score": 0, 

      "vendor_cvss2_vectors": "", 

      "vendor_cvss3_severity": "high", 

      "vendor_cvss3_score": 7.8, 

      "vendor_cvss3_vectors": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", 

      "vendor_statement": "Minor issue, can be fixed along in next DSA\nhttps://curl.haxx.se/docs/CVE-2019-5436.html\nIntroduced by: https://github.com/curl/curl/commit/0516ce7786e95\nFixed by: https://github.com/curl/curl/commit/2576003415625d7b5f0e390902f8097830b82275", 

      "nvd_severity": "medium", 

      "nvd_cvss2_score": 4.6, 

      "nvd_cvss2_vectors": "AV:L/AC:L/Au:N/C:P/I:P/A:P", 

      "nvd_cvss3_severity": "high", 

      "nvd_cvss3_score": 7.8, 

      "nvd_cvss3_vectors": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", 

      "fix_version": "", 

      "solution": "", 

      "classification": "The operating system vendor has classified the issue as a bug rather than a security issue, therefore the vulnerability has been classified as having negligible severity", 

      "qualys_ids": null, 

      "aqua_score": 0, 

      "aqua_severity": "negligible", 

      "aqua_vectors": "", 

      "aqua_scoring_system": "CVSS V2" 

    }, 

    { 

      "registry": "Docker Hub", 

      "image_repository_name": "centos", 

      "image_name": "centos:centos7.6.1810", 

      "image_digest": "90aaca598284c4f89b9a18542ab68b235bb5eef3f8c6ed0cdbe227b995981064", 

      "referenced_vulnerabilities": null, 

      "resource": { 

        "type": "package", 

        "format": "rpm", 

        "path": "", 

        "name": "curl", 

        "version": "7.29.0-51.el7", 

        "arch": "x86_64", 

        "cpe": "pkg:/centos:7:curl:7.29.0-51.el7", 

        "licenses": [ 

          "MIT" 

        ], 

        "hash": "" 

      }, 

      "name": "CVE-2019-5436", 

      "description": "\nA heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.", 

      "publish_date": "2019-05-28", 

      "modification_date": "2019-06-09", 

      "vendor_severity": "medium", 

      "vendor_cvss2_score": 5, 

      "vendor_cvss2_vectors": "", 

      "vendor_cvss3_severity": "medium", 

      "vendor_cvss3_score": 5.5, 

      "vendor_cvss3_vectors": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", 

      "vendor_statement": "", 

      "nvd_severity": "medium", 

      "nvd_cvss2_score": 4.6, 

      "nvd_cvss2_vectors": "AV:L/AC:L/Au:N/C:P/I:P/A:P", 

      "nvd_cvss3_severity": "high", 

      "nvd_cvss3_score": 7.8, 

      "nvd_cvss3_vectors": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", 

      "fix_version": "", 

      "solution": "", 

      "classification": "", 

      "qualys_ids": null, 

      "aqua_score": 5.5, 

      "aqua_severity": "medium", 

      "aqua_vectors": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", 

      "aqua_scoring_system": "CVSS V3" 

    } 

  ] 

} 

 

 

Related Information