Is it possible to create a list of products of interest and iterate through the list and find all the advisories related to that product?
Thank you for reaching out. Currently, the only way is to dump the CVRF files and use the Product List in the file. We are currently working on expanding the API and having the ability to query on a per product basis. We will be updating DevNet and this community when this is available.
Really looking forward to this feature.. It would make the API 10x more useful !
Omar Santos wrote:
Thank you for reaching out. Currently, the only way is to dump the CVRF files and use the Product List in the file. We are currently working on expanding the API and having the ability to query on a per product basis.
Q: Does that mean you have to:
- use the API to get all vulnerabilities
- download the associated CVRF XML files
- search if a specific product is listed under <ProductTree> <FullProductName> ?
There are many advisories that seem to affect multiple product groups/families (like this one) . These don't have a "Product List" with <ProductTree> in the CVRF XML file. So you could not include these, making scanning all vulnerabilities useless.. Agree?
That is correct. Unfortunately, this is a current limitation and Cisco is working on having this feature implemented in the fall.
Excuse me, when you said 'in the fall', did you mean this Fall / Autumn?