Retrieve Advisory based on Software Version
The Cisco PSIRT OpenVuln API allows users to query the Cisco Software Checker.
Supported network operating systems are:
- Cisco Adaptive Security Appliance (ASA) Software (asa)
- Cisco Firepower eXtensible Operating System (FXOS) (fxos)
- Cisco Firepower Threat Defense (FTD) Software (ftd)
- Cisco IOS Software (ios)
- Cisco IOS XE Software (iosxe)
- Cisco NX-OS Software (nxos)
- Cisco NX-OS Software in ACI mode (aci)
- Cisco Secure Firewall Management Center (FMC) Software (fmc)
NOTE: For Cisco ASA, FMC, FTD and FXOS Software, the tool only contains vulnerability information for Cisco Security Advisories first published from January, 2022 onward, and for NX-OS Software and NX-OS Software in ACI Mode from July, 2019 onward.
Additionally the following Network Operating Systems (NOS) allow you to specify the platform in a query:
- Cisco Adaptive Security Appliance (ASA) Software (asa)
- Cisco Firepower Threat Defense (FTD) Software (ftd)
- Cisco Firepower eXtensible Operating System (FXOS) (fxos)
- Cisco NX-OS Software (nxos)
1. Retrieve Cisco Software Versions that exist in Cisco Software Checker
Request
To obtain the list of software versions for a network operating system available in Cisco Software Checker you can perform the following query. The following example shows retrieving all software versions used for Cisco IOS Softwrae.
curl -X GET "https://apix.cisco.com/security/advisories/v2/OS_version/OS_data?OSType=ios"
NOTE: You must specify one NOS type in the OSType field.
2. Retrieve Cisco Platform Names that exist in Cisco Software Checker
Request
To obtain the list of platforms used for a network operating system available in Cisco Software Checker you can perform the following query. The following example shows retrieving all platform Aliases used for Cisco NXOS Sofware.
curl -X GET "https://apix.cisco.com/security/advisories/v2/platforms?OSType=nxos"
3. Retrieve All Advisories Impacting a Specific version of Cisco Network Operating System
Request
To obtain the list of all advisories impacting release 17.2.1 of Cisco IOS XE Software
curl -X GET "https://apix.cisco.com/security/advisories/v2/OSType/iosxe?version=17.2.1"
Response
When querying by software version the response data will include first fixed information.
"firstFixed": [
"17.3.1w",
"17.3.2a",
"17.3.6",
"17.3.4b",
"17.3.5a"
],
Request
To obtain the list of all advisories impacting Cisco ASA release 9.16.1.
curl -X GET "https://apix.cisco.com/security/advisories/v2/OSType/asa?version=9.16.1"
We could also specify just a specific platform. In this example the Cisco Adaptive Security Virtual Appliance (ASAv).
curl -X GET "https://apix.cisco.com/security/advisories/v2/OSType/asa?version=9.16.1&platformAlias=ASAV"
We can further narrow this down by checking a specific Advisory ID.
curl -X GET "https://apix.cisco.com/security/advisories/v2/OSType/asa?version=9.16.1&platformAlias=ASAV&advisoryId=cisco-sa-asaftdios-dhcpv6-cli-Zf3zTv"