一个Python脚本,使用Cisco Security API根据操作系统类型和版本检索各种Cisco产品的漏洞信息。
这个 Python 脚本用于查询 Cisco 产品的已知漏洞信息,支持的 Cisco 产品包括:
- IOS
- IOS XE
- ASA
- FMC
- FTD
- FXOS
功能
- 基于 Cisco 产品的 OS 类型和版本号查询相关漏洞信息。
- 返回漏洞的标题、严重性评分、首次发布日期、最后更新日期、链接、CVE 编号、漏洞 ID 和 Bug ID。
- 使用 Cisco Security API 进行数据查询。
使用方法
-
安装依赖:
确保你已经安装了
openVulnQuery库。如果没有安装,可以使用以下命令进行安装:pip install openVulnQuery
-
获取 Cisco API 凭证:
你需要一个 Cisco API 客户端 ID 和客户端密钥才能使用这个脚本。请到 Cisco 的 API 控制台获取这些凭证。
-
配置脚本:
编辑
cisco_vuln_query.py文件,在if __name__ == '__main__':代码块中替换client_id和client_secret变量的值。 -
运行脚本:
使用以下命令运行脚本,并传递 OS 类型和版本号作为参数:
python cisco_vuln_query.py
修改
if __name__ == '__main__':部分的代码,使用需要的参数进行查询。
示例:
if __name__ == '__main__':
from pprint import pprint
client_id = "YOUR_CISCO_CLIENT_ID"
client_secret = "YOUR_CISCO_CLIENT_SECRET"
# 查询 IOS 的漏洞
ios_search_result = cisco_version_vuln_search(ostype='ios', version='12.2(55)SE10', client_id=client_id, client_secret=client_secret)
pprint(ios_search_result)
# 查询 IOS XE 的漏洞
# iosxe_search_result = cisco_version_vuln_search(ostype='iosxe', version='17.6.3', client_id=client_id, client_secret=client_secret)
# pprint(iosxe_search_result)
# 查询 ASA 的漏洞
# asa_search_result = cisco_version_vuln_search(ostype='asa', version='9.14(1)', client_id=client_id, client_secret=client_secret)
# pprint(asa_search_result)
# 其他 Cisco 产品的查询
# fmc_search_result = cisco_version_vuln_search(ostype='fmc', version='7.2.5', client_id=client_id, client_secret=client_secret)
# print(fmc_search_result)
# ftd_search_result = cisco_version_vuln_search(ostype='ftd', version='7.2.5', client_id=client_id, client_secret=client_secret)
# print(ftd_search_result)
# fxos_search_result = cisco_version_vuln_search(ostype='fxos', version='2.11.1.154', client_id=client_id, client_secret=client_secret)
# print(fxos_search_result)代码返回示例:
[
{
"advisory_id": "cisco-sa-vlan-dos-27Pur5RT",
"advisory_title": "Cisco Catalyst 9000 Series Switches Denial of Service Vulnerability",
"bug_ids": ["CSCwi34160"],
"cves": ["CVE-2024-20434"],
"cvss_base_score": "4.3",
"first_published": "2024-09-25T16:00:00",
"last_updated": "2024-10-04T21:53:25",
"publication_url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vlan-dos-27Pur5RT",
"sir": "Medium"
},
{
"advisory_id": "cisco-sa-sdwan-utd-dos-hDATqxs",
"advisory_title": "Cisco Catalyst SD-WAN Routers Denial of Service Vulnerability",
"bug_ids": ["CSCwi07137"],
"cves": ["CVE-2024-20455"],
"cvss_base_score": "8.6",
"first_published": "2024-09-25T16:00:00",
"last_updated": "2024-09-25T16:00:00",
"publication_url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-utd-dos-hDATqxs",
"sir": "High"
},
{
"advisory_id": "cisco-sa-rsvp-dos-OypvgVZf",
"advisory_title": "Cisco IOS and IOS XE Software Resource Reservation Protocol Denial of Service Vulnerability",
"bug_ids": ["CSCwj05481"],
"cves": ["CVE-2024-20433"],
"cvss_base_score": "8.6",
"first_published": "2024-09-25T23:00:00",
"last_updated": "2024-09-25T23:00:00",
"publication_url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rsvp-dos-OypvgVZf",
"sir": "High"
}
]