CiscoPSIRT / openVulnAPI

Documentation and Tools for Cisco's PSIRT openVuln API
https://developer.cisco.com/psirt/
MIT License

Different API response depending on platform (NXOS/ACI vs IOS/IOS-XE) #83

Open NWMichl opened 3 years ago

NWMichl commented 3 years ago

Describe the bug

First fixed software versions are reported with a different data structure and naming depending on whether NXOS/ACI or IOS(XE) is used for the API query.

To Reproduce

An API query with NXOS 7.0(3)I7(8) results in

(...)
platforms:
- firstFixes:
  - id: '279749'
    name: 7.0(3)I7(9)
  id: '265096'
  name: Cisco Nexus 9000 Series Switches
  vulnerabilityState: vulnerable
(...) 

But an API query with IOSXE 03.16.09.S results in

(...)
firstFixed:
- 3.18.2S
(...) 

Expected behavior

Since the NXOS/ACI variant allows more extensive parameters already, an adaptation of the IOS response would be desirable.

Additional context

BTW: The API itself is worth gold and makes our work a lot easier, so I would like to thank you for your work! But such inconsistencies should be avoided, right?

AdamMack2007 commented 3 years ago

I can add on to this an example of the API converting the version to an abbreviated version:

Actual version: 16.12.03
Cisco API Response: 16.12.3

As you can imagine, when we're mapping data structures based on the value, those two strings do not match and will cause an issue.
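A client-side way to absorb both differences reported in this thread, as an added example that is not part of the thread or of the project's code: it flattens the `platforms`/`firstFixes` shape and the `firstFixed` shape into one record list and builds a comparison key so that `16.12.03` and `16.12.3` match. The sample dicts are constructed from the fragments quoted above; `version_key`, `first_fixes` and the assumption that separators and leading zeros carry no meaning are hypothetical.

```python
import re

def version_key(version):
    """Comparison key: digit runs become ints, letter runs are upper-cased.

    Assumption: separators and leading zeros carry no meaning, so
    '16.12.03' and '16.12.3' produce the same key. Use for equality
    matching only, not for ordering releases.
    """
    tokens = re.findall(r"\d+|[A-Za-z]+", version)
    return tuple(int(t) if t.isdigit() else t.upper() for t in tokens)

def first_fixes(fragment):
    """Flatten either response shape into a uniform list of records."""
    records = []
    # NX-OS/ACI shape: platforms -> firstFixes -> {id, name}
    for platform in fragment.get("platforms") or []:
        for fix in platform.get("firstFixes") or []:
            records.append({
                "platform": platform.get("name"),
                "state": platform.get("vulnerabilityState"),
                "fix_id": fix.get("id"),
                "version": fix["name"],
                "key": version_key(fix["name"]),
            })
    # IOS/IOS-XE shape: firstFixed is a bare list of version strings
    for version in fragment.get("firstFixed") or []:
        records.append({
            "platform": None, "state": None, "fix_id": None,
            "version": version, "key": version_key(version),
        })
    return records

# Constructed samples mirroring the fragments quoted in the issue.
NXOS_SAMPLE = {"platforms": [{
    "firstFixes": [{"id": "279749", "name": "7.0(3)I7(9)"}],
    "id": "265096",
    "name": "Cisco Nexus 9000 Series Switches",
    "vulnerabilityState": "vulnerable",
}]}
IOSXE_SAMPLE = {"firstFixed": ["3.18.2S"]}

if __name__ == "__main__":
    for sample in (NXOS_SAMPLE, IOSXE_SAMPLE):
        for record in first_fixes(sample):
            print(record["version"], record["key"], record["platform"])
```

Match inventory data against the `key` field and keep `version` for display, so the string exactly as the API returned it is preserved.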