Get All Services

Cortex Xpanse REST API
post /public_api/v1/assets/get_external_services/

Get a complete or filtered list of all your external services.
The maximum result limit is 500.
Required License: Cortex Xpanse Expander

Request headers
authorization String required

api-key
Example: {{api_key}}
x-xdr-auth-id String required

api-key-id
Example: {{api_key_id}}
CLIENT REQUEST
curl -X 'POST'
-H 'Accept: application/json'
-H 'Content-Type: application/json'
-H 'authorization: {{api_key}}' -H 'x-xdr-auth-id: {{api_key_id}}'
'https://api-}/public_api/v1/assets/get_external_services/'
-d '{ "request_data" : { "search_from" : 0, "next_page_token" : "next_page_token", "vulnerability_test_results" : true, "filters" : [ { "field" : "service_name", "value" : "ExternalServicesFilter_value", "operator" : "in" }, { "field" : "service_name", "value" : "ExternalServicesFilter_value", "operator" : "in" } ], "sort" : { "field" : "service_name", "keyword" : "asc" }, "search_to" : 0, "use_page_token" : true } }'
import http.client conn = http.client.HTTPSConnection("api-") payload = "{\"request_data\":{\"filters\":[{\"field\":\"service_name\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"first_observed\",\"keyword\":\"ASC\"},\"use_page_token\":true,\"next_page_token\":\"string\",\"vulnerability_test_results\":true}}" headers = { 'authorization': "{{api_key}}", 'x-xdr-auth-id': "{{api_key_id}}", 'content-type': "application/json" } conn.request("POST", "%7B%7Bfqdn%7D%7D/public_api/v1/assets/get_external_services/", payload, headers) res = conn.getresponse() data = res.read() print(data.decode("utf-8"))
require 'uri' require 'net/http' require 'openssl' url = URI("https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/assets/get_external_services/") http = Net::HTTP.new(url.host, url.port) http.use_ssl = true http.verify_mode = OpenSSL::SSL::VERIFY_NONE request = Net::HTTP::Post.new(url) request["authorization"] = '{{api_key}}' request["x-xdr-auth-id"] = '{{api_key_id}}' request["content-type"] = 'application/json' request.body = "{\"request_data\":{\"filters\":[{\"field\":\"service_name\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"first_observed\",\"keyword\":\"ASC\"},\"use_page_token\":true,\"next_page_token\":\"string\",\"vulnerability_test_results\":true}}" response = http.request(request) puts response.read_body
const data = JSON.stringify({ "request_data": { "filters": [ { "field": "service_name", "operator": "in", "value": "string" } ], "search_from": 0, "search_to": 500, "sort": { "field": "first_observed", "keyword": "ASC" }, "use_page_token": true, "next_page_token": "string", "vulnerability_test_results": true } }); const xhr = new XMLHttpRequest(); xhr.withCredentials = true; xhr.addEventListener("readystatechange", function () { if (this.readyState === this.DONE) { console.log(this.responseText); } }); xhr.open("POST", "https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/assets/get_external_services/"); xhr.setRequestHeader("authorization", "{{api_key}}"); xhr.setRequestHeader("x-xdr-auth-id", "{{api_key_id}}"); xhr.setRequestHeader("content-type", "application/json"); xhr.send(data);
HttpResponse<String> response = Unirest.post("https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/assets/get_external_services/") .header("authorization", "{{api_key}}") .header("x-xdr-auth-id", "{{api_key_id}}") .header("content-type", "application/json") .body("{\"request_data\":{\"filters\":[{\"field\":\"service_name\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"first_observed\",\"keyword\":\"ASC\"},\"use_page_token\":true,\"next_page_token\":\"string\",\"vulnerability_test_results\":true}}") .asString();
import Foundation let headers = [ "authorization": "{{api_key}}", "x-xdr-auth-id": "{{api_key_id}}", "content-type": "application/json" ] let parameters = ["request_data": [ "filters": [ [ "field": "service_name", "operator": "in", "value": "string" ] ], "search_from": 0, "search_to": 500, "sort": [ "field": "first_observed", "keyword": "ASC" ], "use_page_token": true, "next_page_token": "string", "vulnerability_test_results": true ]] as [String : Any] let postData = JSONSerialization.data(withJSONObject: parameters, options: []) let request = NSMutableURLRequest(url: NSURL(string: "https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/assets/get_external_services/")! as URL, cachePolicy: .useProtocolCachePolicy, timeoutInterval: 10.0) request.httpMethod = "POST" request.allHTTPHeaderFields = headers request.httpBody = postData as Data let session = URLSession.shared let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in if (error != nil) { print(error) } else { let httpResponse = response as? HTTPURLResponse print(httpResponse) } }) dataTask.resume()
<?php $curl = curl_init(); curl_setopt_array($curl, [ CURLOPT_URL => "https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/assets/get_external_services/", CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => "", CURLOPT_MAXREDIRS => 10, CURLOPT_TIMEOUT => 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_POSTFIELDS => "{\"request_data\":{\"filters\":[{\"field\":\"service_name\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"first_observed\",\"keyword\":\"ASC\"},\"use_page_token\":true,\"next_page_token\":\"string\",\"vulnerability_test_results\":true}}", CURLOPT_HTTPHEADER => [ "authorization: {{api_key}}", "content-type: application/json", "x-xdr-auth-id: {{api_key_id}}" ], ]); $response = curl_exec($curl); $err = curl_error($curl); curl_close($curl); if ($err) { echo "cURL Error #:" . $err; } else { echo $response; }
CURL *hnd = curl_easy_init(); curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST"); curl_easy_setopt(hnd, CURLOPT_URL, "https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/assets/get_external_services/"); struct curl_slist *headers = NULL; headers = curl_slist_append(headers, "authorization: {{api_key}}"); headers = curl_slist_append(headers, "x-xdr-auth-id: {{api_key_id}}"); headers = curl_slist_append(headers, "content-type: application/json"); curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers); curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"request_data\":{\"filters\":[{\"field\":\"service_name\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"first_observed\",\"keyword\":\"ASC\"},\"use_page_token\":true,\"next_page_token\":\"string\",\"vulnerability_test_results\":true}}"); CURLcode ret = curl_easy_perform(hnd);
var client = new RestClient("https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/assets/get_external_services/"); var request = new RestRequest(Method.POST); request.AddHeader("authorization", "{{api_key}}"); request.AddHeader("x-xdr-auth-id", "{{api_key_id}}"); request.AddHeader("content-type", "application/json"); request.AddParameter("application/json", "{\"request_data\":{\"filters\":[{\"field\":\"service_name\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"first_observed\",\"keyword\":\"ASC\"},\"use_page_token\":true,\"next_page_token\":\"string\",\"vulnerability_test_results\":true}}", ParameterType.RequestBody); IRestResponse response = client.Execute(request);
Body parameters
required
application/json
request_dataobject
filtersarray
[
fieldstring (Enum)

String that identifies the service field the filter is matching. Filters are based on the following case-sensitive keywords:

  • active_classifications
  • business_units_list
  • discovery_type
  • domain
  • externally_detected_providers
  • externally_inferred_cves
  • first_observed
  • inactive_classifications
  • ip_address
  • ipv6_address
  • is_active
  • last_observed
  • protocol
  • service_name
  • service_type
  • service_type_list
  • tags
Allowed values:"service_name""protocol""service_type""ip_address""domain""externally_detected_providers""externally_inferred_cves""discovery_type""active_classifications""inactive_classifications""is_active""confirmed_vulnerable_cve_ids""confirmed_not_vulnerable_cve_ids""vulnerability_test_status""tags""service_type_list""business_units_list""ipv6_address""last_observed""first_observed"
operatorstring (Enum)

String that identifies the comparison operator you want to use for this filter. Valid keywords and values are:

  • contains / not_contains— use with externally_detected_providers, domain, externally_inferred_cves, active_classifications, inactive_classifications, service_name, service_type, protocol
  • eq / neq— use with service_name, service_type, protocol, ip_address
  • gte— Filters data from a specific timestamp onwards. Use with first_observed, last_observed
  • in— use with is_active, discovery_type, business_units_list, tags, ip_address
  • lte— Filters data up to a specific timestamp. Use with first_observed, last_observed
  • range— Filters data between two specific timestamps. Use with first_observed, last_observed
  • relative_timestamp— Filters data relative to the current time (e.g., last 30 days). Use with first_observed, last_observed
Allowed values:"in""contains""neq""eq""not_contains""gte""lte""range""relative_timestamp"
valueobject

Value that this filter must match. The contents of this field will differ depending on the services field that you specified for this filter:

  • active_classifications — String
  • business_units_list — String or list of strings in the format "BU name" or "BU:BU name", for example “Acme & Co, Inc.” or “BU:Acme & Co, Inc.”
  • discovery_type — List of strings. Values are: ColocatedOnIp, DirectlyDiscovered, Unknown.
  • domain — String
  • externally_detected_providers — String
  • externally_inferred_cves — String
  • first_observed — values in milliseconds format
    • with gte or lte operator, specify a specific date or time as a timestamp in milliseconds format
    • with range operator, specify "to" and "from" values as timestamps in milliseconds format "value": { "from": "{{previous30Days}}","to": "{{previous7Days}}"
    • with relative_timestamp operator, specify time interval to look back on (24H, 7D, 30D, etc.) as a value in milliseconds format
  • inactive_classifications — String
  • ip_address — List of strings
  • ipv6_address — String
  • is_active — String. Values are:yes, no
  • last_observed — values in milliseconds format
    • with gte or lte operator, specify a specific date or time as a timestamp in milliseconds format
    • with range operator, specify "to" and "from" values as timestamps in milliseconds format, as follows "value": { "from": "{{previous30Days}}","to": "{{previous7Days}}"
    • with relative_timestamp operator, specify time interval to look back on (24H, 7D, 30D, etc.) as a value in milliseconds format
  • protocol — String
  • service_name — String
  • service_type — String
  • service_type_list — String
  • tags — List of strings indicating the tags to filter on in the format "tag-family:tag-name", for example "AR:registered to you".
string

Value that this filter must match. The contents of this field will differ depending on the services field that you specified for this filter:

  • active_classifications — String
  • business_units_list — String or list of strings in the format "BU name" or "BU:BU name", for example “Acme & Co, Inc.” or “BU:Acme & Co, Inc.”
  • discovery_type — List of strings. Values are: ColocatedOnIp, DirectlyDiscovered, Unknown.
  • domain — String
  • externally_detected_providers — String
  • externally_inferred_cves — String
  • first_observed — values in milliseconds format
    • with gte or lte operator, specify a specific date or time as a timestamp in milliseconds format
    • with range operator, specify "to" and "from" values as timestamps in milliseconds format "value": { "from": "{{previous30Days}}","to": "{{previous7Days}}"
    • with relative_timestamp operator, specify time interval to look back on (24H, 7D, 30D, etc.) as a value in milliseconds format
  • inactive_classifications — String
  • ip_address — List of strings
  • ipv6_address — String
  • is_active — String. Values are:yes, no
  • last_observed — values in milliseconds format
    • with gte or lte operator, specify a specific date or time as a timestamp in milliseconds format
    • with range operator, specify "to" and "from" values as timestamps in milliseconds format, as follows "value": { "from": "{{previous30Days}}","to": "{{previous7Days}}"
    • with relative_timestamp operator, specify time interval to look back on (24H, 7D, 30D, etc.) as a value in milliseconds format
  • protocol — String
  • service_name — String
  • service_type — String
  • service_type_list — String
  • tags — List of strings indicating the tags to filter on in the format "tag-family:tag-name", for example "AR:registered to you".
Array
integer

Value that this filter must match. The contents of this field will differ depending on the services field that you specified for this filter:

  • active_classifications — String
  • business_units_list — String or list of strings in the format "BU name" or "BU:BU name", for example “Acme & Co, Inc.” or “BU:Acme & Co, Inc.”
  • discovery_type — List of strings. Values are: ColocatedOnIp, DirectlyDiscovered, Unknown.
  • domain — String
  • externally_detected_providers — String
  • externally_inferred_cves — String
  • first_observed — values in milliseconds format
    • with gte or lte operator, specify a specific date or time as a timestamp in milliseconds format
    • with range operator, specify "to" and "from" values as timestamps in milliseconds format "value": { "from": "{{previous30Days}}","to": "{{previous7Days}}"
    • with relative_timestamp operator, specify time interval to look back on (24H, 7D, 30D, etc.) as a value in milliseconds format
  • inactive_classifications — String
  • ip_address — List of strings
  • ipv6_address — String
  • is_active — String. Values are:yes, no
  • last_observed — values in milliseconds format
    • with gte or lte operator, specify a specific date or time as a timestamp in milliseconds format
    • with range operator, specify "to" and "from" values as timestamps in milliseconds format, as follows "value": { "from": "{{previous30Days}}","to": "{{previous7Days}}"
    • with relative_timestamp operator, specify time interval to look back on (24H, 7D, 30D, etc.) as a value in milliseconds format
  • protocol — String
  • service_name — String
  • service_type — String
  • service_type_list — String
  • tags — List of strings indicating the tags to filter on in the format "tag-family:tag-name", for example "AR:registered to you".
]
search_frominteger

An integer representing the start offset index of results.

search_tointeger

An integer representing the start offset index of results. Use this field to specify the number of results on a page when using page token pagination.

Default:500
sortobject

Identifies the sort order for the result set.

fieldstring (Enum)

Values are:

  • service_name
  • first_observed
  • last_observed By default, case-sensitive, sort is defined as service_name.
Default:"service_name"
Allowed values:"first_observed""service_name""last_observed"
keywordstring (Enum)

Can be either ASC (ascending order) or DESC (descending order). Default is ASC. Values are case sensitive.

Default:"asc"
Allowed values:"ASC""asc""DESC""desc"
Free-Form object
use_page_tokenboolean

Use "use_page_token":true in the initial request to paginate the response data.

next_page_tokenstring

If "use_page_token":true was included in the initial request, the response for that request will include a page token.
Use "next_page_token":"string" to pass that page token into the next request to paginate the next set of data.

vulnerability_test_resultsobject (Enum)

Includes vulnerability test results from the last 14 days for each service in the response.

Allowed values:true
Free-Form object
REQUEST
{ "request_data": { "filters": [ { "field": "service_name", "operator": "in", "value": "string" } ], "search_from": 0, "search_to": 500, "sort": { "field": "service_name", "keyword": "asc" }, "use_page_token": true, "next_page_token": "string" } }
{ "request_data": { "vulnerability_test_results": true } }
{ "request_data": { "filters": [ { "field": "last_observed", "value": "{{lookback7Days}}", "operator": "relative_timestamp" } ] } }
Responses

OK

Body
application/json
replyobject
total_countinteger
result_countinteger
external_servicesarray
[
service_idstring
service_namestring
service_typestring
ip_addressarray[string]
domainarray[string]
externally_detected_providersarray[string]
is_activestring
first_observedinteger
last_observedinteger
portinteger
protocolstring
active_classificationsarray[string]
inactive_classificationsarray[string]
discovery_typestring
externally_inferred_vulnerability_scorestring
externally_inferred_cvesarray[string]
tls_versionsarray
[
tlsVersionstring
cipherSuitestring
firstObservedinteger
lastObservedinteger
activityStatusstring
Free-Form object
]
inferred_cves_observedarray
[
inferredCvearray
[
cveIdstring
cvssScoreV2null
cveSeverityV2null
cvssScoreV3number
cveSeverityV3string
inferredCveMatchMetadataobject
inferredCveMatchTypestring
productstring
confidencestring
vendorstring
versionstring
matchingCpeInformationarray
[
partstring
vendorstring
productstring
versionstring
updatenull
editionnull
languagenull
softwareEditionnull
targetSoftwarenull
targetHardwarenull
othernull
sourceServiceClassificationIdstring
]
epssScorenull
cvssTemporalScoreV3null
cvssTemporalScoreV2null
publishedExploitsCountnull
reportedExploitedInTheWildnull
firstExploitPublishednull
firstReportedThreatActornull
firstReportedRansomwarenull
firstReportedBotnetnull
lastExploitPublishednull
lastReportedThreatActornull
lastReportedRansomwarenull
lastReportedBotnetnull
cisaKevDateAddednull
]
activityStatusstring
lastObservedinteger
firstObservedinteger
Free-Form object
]
cloud_management_statusstring
tagsarray[string]
vulnerability_test_statusstring
confirmed_vulnerable_cve_idsarray[string]
confirmed_not_vulnerable_cve_idsarray[string]
ipv6_addressarray[string]
asm_asset_idsarray[string]
geolocationsarray
[
latitudenumber
longitudenumber
countryCodestring
citystring
regionCodestring
timeZonestring
Free-Form object
]
business_unitsarray
[
[
creation_timeinteger
familystring
family_aliasstring
idstring
is_activeinteger
namestring
parent_idstring
update_timeinteger
Free-Form object
]
]
service_versionsarray[string]
]
next_page_tokenstring

This attribute is only returned if use_page_token is provided in the request with value true

Free-Form object
Free-Form object
RESPONSE
{ "reply": { "total_count": 1, "result_count": 1, "external_services": [ { "service_id": "2b6da586-46ca-3804-bbba-e5b02d8e53bb", "service_name": "Kerberos at x.x.x.x:88", "service_type": "Kerberos", "ip_address": [ "x.x.x.x" ], "domain": [], "externally_detected_providers": [ "On Prem" ], "is_active": "Active", "first_observed": 1710233760000, "last_observed": 1711956600000, "port": 88, "protocol": "TCP", "active_classifications": [ "Kerberos" ], "inactive_classifications": [], "discovery_type": "DirectlyDiscovered", "externally_inferred_vulnerability_score": " ", "externally_inferred_cves": [], "tls_versions": [], "inferred_cves_observed": [], "cloud_management_status": "Not Applicable", "tags": [ "AR:Registered to You", "BU:Mustang UAT 8507355851529627158" ], "vulnerability_test_status": "true", "confirmed_vulnerable_cve_ids": [ "CVE-2019-3396", "CVE-2022-26134", "CVE-2021-26084" ], "confirmed_not_vulnerable_cve_ids": [ "CVE-2021-26085" ], "vulnerability_test_results": [], "ipv6_address": [], "asm_asset_ids": [ "0b3ea202-f3fc-3176-8b5d-791afe2c0bd0" ], "geolocations": [ { "latitude": 55.75, "longitude": 37.58, "countryCode": "RU", "city": "MOSCOW", "regionCode": "", "timeZone": "null" } ], "business_units": [ [ { "creation_time": 1712001753495, "family": "business_units", "family_alias": "BU", "id": "BU:e9b79919-f6df-4723-af55-f080d5bf9e41", "is_active": 1, "name": "Mustang UAT 8507355851529627158", "parent_id": null, "update_time": 1712001753495 } ] ] } ] } }
{ "reply": { "total_count": 1, "result_count": 1, "external_services": [ { "service_id": "2b6da586-46ca-3804-bbba-e5b02d8e53bb", "service_name": "Kerberos at x.x.x.x:88", "service_type": "Kerberos", "ip_address": [ "x.x.x.x" ], "domain": [], "externally_detected_providers": [ "On Prem" ], "is_active": "Active", "first_observed": 1710233760000, "last_observed": 1711956600000, "port": 88, "protocol": "TCP", "active_classifications": [ "Kerberos" ], "inactive_classifications": [], "discovery_type": "DirectlyDiscovered", "externally_inferred_vulnerability_score": null, "externally_inferred_cves": [], "tls_versions": [], "inferred_cves_observed": [], "cloud_management_status": "Not Applicable", "tags": [ "AR:Registered to You", "BU:Mustang" ], "vulnerability_test_status": true, "confirmed_vulnerable_cve_ids": [ "CVE-2019-3396", "CVE-2022-26134", "CVE-2021-26084" ], "confirmed_not_vulnerable_cve_ids": [ "CVE-2021-26085" ], "vulnerability_test_results": [ { "TEST_ID": "fa8641b1-8ade-42ad-9172-ad4433f33e0f", "SERVICE_ID": "5c1df207-c8fe-33af-8f5f-c6853981a961", "VULNERABILITY_STATUS": "ConfirmedPositive", "EVIDENCE": "HTTP/1.1 200 \r\nConnection: close\r\nContent-Length: 63498\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=31536000\r\nCache-Control: public\r\nContent-Type: text/html;charset=UTF-8\r\nDate: Thu, 07 Mar 2024 17:32:07 GMT\r\nEtag: W/\"63498-1702546562287\"\r\nExpires: Fri, 07 Mar 2025 17:32:07 GMT\r\nLast-Modified: Thu, 14 Dec 2023 09:36:02 GMT\r\nX-Asen: SEN-5546831\r\nX-Confluence-Request-Time: 1709832727267\r\n\r\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<web-app xmlns=\"http://xmlns.jcp.org/xml/ns/javaee\"\n xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n xsi:schemaLocation=\"http://xmlns.jcp.org/xml/ns/javaee\n\t\t http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd\"\n metadata-complete=\"true\"\n version=\"3.1\">\n\n <display-name>Confluence</display-name>\n <description>Confluence Web App</description>\n <absolute-ordering />\n\n <context-param>\n <param-name>contextConfigLocation</param-name>\n <param-value>com.atlassian.confluence.setup.ConfluenceAppConfig</param-value>\n </context-param>\n\n <context-param>\n <param-name>contextClass</param-name>\n <param-value>com.atlassian.confluence.setup.ConfluenceAnnotationConfigWebApplicationContext</param-value>\n </context-param>\n\n <!-- Uncomment the following to disable the space export long running task. -->\n <!--\n <context-param>\n <param-name>unsupportedContainersForExportLongRunningTask</param-name>\n <param-value>websphere,jboss</param-value>\n </context-param>\n -->\n\n <filter>\n <filter-name>debug-before-request</filter-name>\n <filter-class>com.atlassian.confluence.web.filter.DebugFilter</filter-class>\n <init-param>\n <param-name>phase</param-name>\n <param-value>before</param-value>\n </init-param>\n <init-param>\n <param-name>dispatcher</param-name>\n <param-value>REQUEST</param-value>\n </init-param>\n </filter>\n <filter>\n <filter-name>debug...", "SCAN_TIME": 1709832727000, "NAME": "Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability", "DESCRIPTION": "Atlassian Confluence Server, a widely used collaboration software, is affected by a security vulnerability identified as CVE-2021-26085. This vulnerability allows remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read in the /s/ endpoint.\n", "REMEDIATION_GUIDANCE": "The exploitation of this vulnerability could lead to unauthorized access to sensitive information and restricted resources. To mitigate the risk, it is recommended to update Atlassian Confluence Server to one of the fixed versions:\n- 7.4.10\n- 7.12.3\n- 7.13.0\n- 7.14.0\n\nBy updating to a fixed version, you can protect your Confluence Server instance from potential unauthorized access and information exposure.\n", "REFERENCES": [ "https://jira.atlassian.com/browse/CONFSERVER-67893" ], "VULNERABILITY_IDS": [ "CVE-2021-26085" ], "AFFECTED_SOFTWARE": [ { "NAME": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*", "VERSION_START_INCLUDING": null, "VERSION_START_EXCLUDING": null, "VERSION_END_INCLUDING": null, "VERSION_END_EXCLUDING": "7.4.10" }, { "NAME": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*", "VERSION_START_INCLUDING": "7.5.0", "VERSION_START_EXCLUDING": null, "VERSION_END_INCLUDING": null, "VERSION_END_EXCLUDING": "7.12.3" }, { "NAME": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*", "VERSION_START_INCLUDING": null, "VERSION_START_EXCLUDING": null, "VERSION_END_INCLUDING": null, "VERSION_END_EXCLUDING": "7.4.10" }, { "NAME": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*", "VERSION_START_INCLUDING": "7.5.0", "VERSION_START_EXCLUDING": null, "VERSION_END_INCLUDING": null, "VERSION_END_EXCLUDING": "7.12.3" } ], "SEVERITY_SCORE": 5.3, "CVES": [ { "cveId": "CVE-2021-26085", "cvssScoreV2": 5, "cveSeverityV2": "MEDIUM", "cvssScoreV3": 5.3, "cveSeverityV3": "MEDIUM", "confirmedVulnerable": "ConfirmedPositive", "epssScore": 0.96202 } ] } ], "ipv6_address": [], "asm_asset_ids": [ "0b3ea202-f3fc-3176-8b5d-791afe2c0bd0" ], "geolocations": [ { "latitude": 55.75, "longitude": 37.58, "countryCode": "RU", "city": "MOSCOW", "regionCode": null, "timeZone": null } ], "business_units": [ [ { "creation_time": 1712001753495, "family": "business_units", "family_alias": "BU", "id": "BU:e9b79919-f6df-4723-af55-f080d5bf9e41", "is_active": 1, "name": "Mustang UAT 8507355851529627158", "parent_id": null, "update_time": 1712001753495 } ] ] } ] } }

Bad Request. Got an invalid JSON.

Body
application/json
replyobject

The query results upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

err_extrastring

Additional information describing the error.

Free-Form object
Free-Form object
RESPONSE
{ "reply": { "err_code": "example", "err_msg": "example", "err_extra": "example" } }

Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.

Body
application/json
replyobject

The query results upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

err_extrastring

Additional information describing the error.

Free-Form object
Free-Form object
RESPONSE
{ "reply": { "err_code": "example", "err_msg": "example", "err_extra": "example" } }

Unauthorized access. User does not have the required license type to run this API.

Body
application/json
replyobject

The query results upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

err_extrastring

Additional information describing the error.

Free-Form object
Free-Form object
RESPONSE
{ "reply": { "err_code": "example", "err_msg": "example", "err_extra": "example" } }

Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.

Body
application/json
replyobject

The query results upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

err_extrastring

Additional information describing the error.

Free-Form object
Free-Form object
RESPONSE
{ "reply": { "err_code": "example", "err_msg": "example", "err_extra": "example" } }

Unprocessable Entity

Body
application/json
codeinteger

Error code

statusstring

Error name

messagestring

Error message

errorsobject

Errors

RESPONSE
{ "code": 0, "status": "example", "message": "example", "errors": {} }

Internal server error. A unified status for API communication type errors.

Body
application/json
replyobject

The query results upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

err_extrastring

Additional information describing the error.

Free-Form object
Free-Form object
RESPONSE
{ "reply": { "err_code": "example", "err_msg": "example", "err_extra": "example" } }