The Cisco PSIRT openVuln API was released at the end of 2015 and I stumbled across it in 2016 and have written numerous post and scripts which access it. However a some point in the last three years access to the API has been restricted and a “Service Partner Contract” is now required. This means that for the casual network engineer this great resource is not longer available.

I am planning on taking up the challenge of providing an alternative to the official API, so endlessninth has been born. Between the Cisco CVRF and CVE listings is should be possible to pull in the data either via scrapping or API and store it in a database. At this stage I imagine the database will be stored locally, built and then updated each time the script is run. Python flask will provide the REST front end which will query the database and return results. It should even be possible to use the official Cisco openVulnQuery scripts….maybe.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: