API Changelog
Current version of the Cisco PSIRT OpenVuln API is Version 2.0
NOTE: Cisco will support CVRF until December 31, 2023. CSAF is the industry standard that replaces CVRF.
Version 2.0
Added
11th June 2025:
- Added support for date filters (startDate and endDate) for search by Retrieve All Advisories Impacting a Specific version of Cisco Network Operating System.
5th April 2024:
- The OpenVuln API did not support exact search functionality; instead, it retrieves advisories based on a broader 'like' search, which may include all related products. API behaviour has changed so when a user inputs a keyword, the API should first attempt to find advisories that “exactly matches” product name. If an exact result is found, the API will return these specific advisories. In case exact search find no results, the API should automatically switch to a broader search like the API use to.
22nd August 2023:
- Retrieve Advisories Impacting a Specific version of Cisco Network Operating System endpoint, now returns SMU information available in the field "smu".
17th April 2023:
- Base URI and domain name change due to Changes while working with Cisco API's.
- IMPORTANT: Applications registered on the Cisco API console prior to March 1, 2023 will be deprecated by September 30, 2023. Please register a new application to continue using API’s and update the token URL as well as domain name in the API endpoint URL. See Changes while working with Cisco API's. for instructions
PSIRT API base domain: api.cisco.com for applications registered prior March 1, 2023.
PSIRT API base domain: apix.cisco.com for applications registered post March 1, 2023.
NOTE: The original base domain api.cisco.com will be sunset in the future. Please update code to support the new base URL.
5th August 2022: Introduced support for additional platforms for Software Checker - ASA, FTD, FMC and FXOS
1st August 2022:
- Introduced new BasePath/BaseURL. Changed from security/advisories/ to security/advisories/v2/
- security/advisories/ will be sunset at a future date.
- All new endpoints will be developed only under security/advisories/v2
Deprecated
5th August 2022: Legacy API endpoints with /security/advisories/cvrf/ have been made obsolete. Returns a Response code of 410 with "errorCode": "URI_NOT_AVAILABLE" and "errorMessage": "URI containing (/cvrf/) is no longer available"