We have a new tool to query and interact with the the Cisco PSIRT openVuln API called openVulnQuery. They have published and released the code of this Python based module in the Cisco PSIRT github repository. This module allows users to query the openVuln API using the command line and retrieve additional fields out of CVRF (version 1.1) XML documents. With our custom XML parser they were able to take advantage of including new fields and eliminated the need to use the cvrfparser framework.
The following are examples of the new fields included:
- Cisco bug IDs
- extensive vulnerability information
- full product list
- vulnerability summary
- document title
- publication URL
Since the code is open source, you can also add the capability to add any other fields from the CVRF file. There is even an option to save an API data call to a CSV or JSON file or display it out to the screen in a neat table.
openVulnQuery is also a library with importable modules. User can import query_client module to initialize a client with appropriate credentials and perform queries on the Cisco PSIRT openVuln API.
The code is available in the Cisco PSIRT github repository and the tool can also be installed using the Python Package Index (PyPI).
pip install openVulnQuery