Security-Database API Reference : vDNACvss

The vDNACvss API consists of individual requests and responses, as shown below.

Endpoint WSDL/XSD

API Production (Live) Endpoint
https://www.security-database.com/get_vdna_soapserver_cvss.php?wsdl

SOAP Service Endpoints Limitations

Production Web Services API Services Endpoints Queries Limitations
 Free and BusinessEnterprise
getVDNACvss()Unlimited queries / dayUnlimited queries / day

vDNACvss API Overview

vDNACvss API Overview by Name

APIPurpose
get_cvssscore_withenumerationRetreive a full CVSS v2 vector score with separate Entries
get_cvssscore_withvectorRetreive a full CVSS v2 vector score with vector input

vDNACvss API Overview by Name and Function

API Overview by Name and Function and Service Endpoint

SOAP NameSOAP Request / Response
get_cvssscore_withenumerationget_cvssscore_withenumerationIn
get_cvssscore_withenumerationOut
get_cvssscore_withvectorget_cvssscore_withvectorIn
get_cvssscore_withvectorOut

get_cvssscore_withenumeration

get_cvssscore_withenumerationIn is your request to retreive the CVSS v2 Scores with enumeration input

get_cvssscore_withenumerationIn

All informations about Allowable value of the CVSS requirement are available on the CVSS calculator page

vDNACvss API Overview by Field

ElementDescriptionData TypeAllowable ValuesRequired
loginThis is your Security-Database User Loginxsd:stringSee DescriptionYes
apikeyThis is your API Key that you can found in your Security-Database User Panel (menu vDNA API)xsd:string32 single-byte charactersYes
modulekeyThis is your Module id that you can found in your Security-Database User Panel (menu vDNA API -> modules)xsd:string32 single-byte charactersYes
access_vectorThis metric reflects how the vulnerability is exploited. The more remote an attacker can be to attack a host, the greater the vulnerability score.tns:Access_vectorL | A | NYes
access_complexityThis metric measures the complexity of the attack required to exploit the vulnerability once an attacker has gained access to the target system. tns:Access_complexityH | M | LYes
authenticationThis metric measures the number of times an attacker must authenticate to a target in order to exploit a vulnerability. tns:AuthentificationN | S | MYes
confidentialityThis metric measures the impact on confidentiality of a successfully exploited vulnerability.tns:NPCN | P | CYes
integrityThis metric measures the impact to integrity of a successfully exploited vulnerability.tns:NPCN | P | CYes
availabilityThis metric measures the impact to availability of a successfully exploited vulnerability.tns:NPCN | P | CYes
remediation_levelThe remediation level of a vulnerability is an important factor for prioritization.tns:Remediation_levelOF | TF | W | U | NDNo
report_confidenceThis metric measures the degree of confidence in the existence of the vulnerability and the credibility of the known technical details.tns:Report_confidenceUC | UR | C | NDNo
exploitabilityThis metric measures the current state of exploit techniques or code availability.tns:ExploitabilityU | POC | F | H | NDNo
collateral_damage_potentialThis metric measures the potential for loss of life or physical assets through damage or theft of property or equipment.tns:Collateral_damage_potentialN | L | LM | MH | H | NDNo
target_distributionThis metric measures the proportion of vulnerable systems.tns:Target_distributionN | L | M | H | NDNo
confidentiality_requirementThese metrics enable the analyst to customize the CVSS score depending on the importance of the affected IT asset to a users organization.tns:SRL | M | H NDNo
integrity_requirementThese metrics enable the analyst to customize the CVSS score depending on the importance of the affected IT asset to a users organization.tns:SRL | M | H NDNo
availability_requirementThese metrics enable the analyst to customize the CVSS score depending on the importance of the affected IT asset to a users organization.tns:SRL | M | H NDNo

Example of get_cvssscore_withenumerationIn

Example with only mandatory value

<soapenv:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
                  xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
                  xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" 
                  xmlns:get="https://www.security-database.com/get_vdna_soapserver_cvss.php">
    <soapenv:Header/>
    <soapenv:Body>
        <get:get_cvssscore_withenumeration soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
            <login xsi:type="xsd:string">testlogin</login>
            <apikey xsi:type="xsd:string">quJzDo7J5VDAouuNFuVvlDu6dAhlvfxS</apikey>
            <modulekey xsi:type="xsd:string">9J4rdVutHFmed7a3Kp5JzUZq02W6cQDj</modulekey>
            <access_vector xsi:type="xsd:string">N</access_vector>
            <access_complexity xsi:type="xsd:string">L</access_complexity>
            <authentification xsi:type="xsd:string">N</authentification>
            <confidentiality xsi:type="xsd:string">C</confidentiality>
            <integrity xsi:type="xsd:string">C</integrity>
            <availability xsi:type="xsd:string">C</availability>
        </get:get_cvssscore_withenumeration>
    </soapenv:Body>
</soapenv:Envelope>

get_cvssscore_withenumerationOut

vDNACvss API Overview by Field

ElementDescriptionData TypePossible Values
returnreturn a complex XML (validation with schema)tns:Cvss_scoresSee description

Example of get_cvssscore_withenumerationOut

Example of SOAP return. Schema available here : http://www.security-database.com/schemas/vdnacvss.xsd

<SOAP-ENV:Envelope SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" 
                   xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" 
                   xmlns:ns1="https://www.security-database.com/get_vdna_soapserver_cvss.php" 
                   xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
                   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
                   xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/">
    <SOAP-ENV:Body>
        <ns1:get_cvssscore_withenumerationResponse>
            <return xsi:type="ns1:Cvss_scores">
                <Vector xsi:type="xsd:string">(AV:N/AC:L/AU:N/C:C/I:C/A:C/E:ND/RL:ND/RC:ND/CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND)</Vector>
                <Overall xsi:nil="true"/>
                <Base xsi:type="xsd:float">10</Base>
                <Impact xsi:type="xsd:float">10</Impact>
                <Exploitability xsi:type="xsd:float">10</Exploitability>
                <Temporal xsi:nil="true"/>
                <Environmental xsi:nil="true"/>
                <AdjustedImpact xsi:nil="true"/>
                <AdjustedBase xsi:nil="true"/>
                <AdjustedTemporal xsi:nil="true"/>
            </return>
        </ns1:get_cvssscore_withenumerationResponse>
    </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

get_cvssscore_withvector

get_cvssscore_withvectorIn is your request to retreive the CVSS v2 Scores with enumeration input

get_cvssscore_withvectorIn

All informations about Allowable value of the CVSS requirement are available on the CVSS calculator page

vDNACvss API Overview by Field

ElementDescriptionData TypeAllowable ValuesRequired
loginThis is your Security-Database User Loginxsd:stringSee DescriptionYes
apikeyThis is your API Key that you can found in your Security-Database User Panel (menu vDNA API)xsd:string32 single-byte charactersYes
modulekeyThis is your Module id that you can found in your Security-Database User Panel (menu vDNA API -> modules)xsd:string32 single-byte charactersYes
vectorA fully compliant CVSS v2 Vector. Your can find example here. It must be under ()

Short Example :
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Long Example :
(AV:N/AC:L/Au:N/C:C/I:C/A:C /E:ND/RL:ND/RC:ND/CDP:ND/TD:ND /CR:ND/IR:ND/AR:ND)
xsd:stringSee descriptionYes

Example of get_cvssscore_withvectorIn

<soapenv:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
                  xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
                  xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" 
                  xmlns:get="https://www.security-database.com/get_vdna_soapserver_cvss.php">
    <soapenv:Header/>
    <soapenv:Body>
        <get:get_cvssscore_withvector soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
            <login xsi:type="xsd:string">testlogin</login>
            <apikey xsi:type="xsd:string">65de86d2ababdh7D91c42f4f66885d2c</apikey>
            <modulekey xsi:type="xsd:string">65de86d1ksn10odj1u42f4f66885d211</modulekey>
            <vector xsi:type="xsd:string">(AV:N/AC:L/Au:N/C:C/I:C/A:C/E:ND/RL:ND/RC:ND/CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND)</vector>
        </get:get_cvssscore_withvector>
    </soapenv:Body>
</soapenv:Envelope>

get_cvssscore_withvectorOut

vDNACvss API Overview by Field

ElementDescriptionData TypePossible Values
returnreturn a complex XML (validation with schema)tns:Cvss_scoresSee description

Example of get_cvssscore_withvectorOut

Example of SOAP return. Schema available here : http://www.security-database.com/schemas/vdnacvss.xsd

<SOAP-ENV:Envelope SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" 
                   xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" 
                   xmlns:ns1="https://www.security-database.com/get_vdna_soapserver_cvss.php" 
                   xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
                   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
                   xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/">
    <SOAP-ENV:Body>
        <ns1:get_cvssscore_withenumerationResponse>
            <return xsi:type="ns1:Cvss_scores">
                <Vector xsi:type="xsd:string">(AV:N/AC:L/AU:N/C:C/I:C/A:C/E:ND/RL:ND/RC:ND/CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND)</Vector>
                <Overall xsi:nil="true"/>
                <Base xsi:type="xsd:float">10</Base>
                <Impact xsi:type="xsd:float">10</Impact>
                <Exploitability xsi:type="xsd:float">10</Exploitability>
                <Temporal xsi:nil="true"/>
                <Environmental xsi:nil="true"/>
                <AdjustedImpact xsi:nil="true"/>
                <AdjustedBase xsi:nil="true"/>
                <AdjustedTemporal xsi:nil="true"/>
            </return>
        </ns1:get_cvssscore_withenumerationResponse>
    </SOAP-ENV:Body>
</SOAP-ENV:Envelope>