Patch Metadata

Provides metadata information for patches.

Base URL

        https://<consoleFQDN:port>/st/console/api/v1.0/patch/patchmetadata

Supported Request

Method URL Input Return

GET

https://<consoleFQDN:port>/st/console/api/v1.0/patch/patchmetadata

URL Parameters

PatchMetadata

Input Model

Name Type Description

count

Integer

Provide the count of items to return. The default is 10 and the maximum value is 1000.

errorPolicy

Enum

Determines if the call will throw an error when encountering an invalid ID.

  • ErrorPolicy=Throw means the entire request will be rejected.
  • ErrorPolicy=Omit means the problem area will be omitted but the rest of the request will be completed. Omit is the default value.

orderBy

Enum

Specifies the name of the attribute that will be used to order the query result. Valid values are any non-list attribute in the output model (bulletinId, bulletinReleaseDate, etc.). If omitted, by default the items in the query results will be sorted by their unique identifier. The unique identifier of the specified attribute is used as the marker when paginating the query results.

sortOrder

Enum

Specifies which direction to sort the results. Valid values are either Asc (ascending) or Desc (descending). You will typically want to pair this with orderBy to specify which attribute to use for the sort.

start

Integer

Sets the starting point. The items are sorted according to the orderBy parameter and the starting point is the index into that sorted list.

Only one of the following can be included in a request:

bulletinIds

Comma delimited Strings

Retrieve all patches for the specified bulletins.

cves

Comma delimited Strings

Retrieve all patches for the specified CVEs.

familyIds

Comma delimited Integers

Retrieve all patches for the specified families. The IDs can be retrieved through the family metadata.

iavaIds

Comma delimited Strings

Retrieve all patches for the specified IAVA identifiers.

ids

Comma delimited Guids

Retrieve the specified patches.

kbs

Comma delimited Strings

Retrieve all patches for the specified KBs.

productVersionIds

Comma delimited Strings

Retrieve all patches for the specified product version. The IDs can be retrieved through the product metadata.

vendorIds

Comma delimited Integers

Retrieve all patches for the specified vendors. The IDs can be retrieved through the vendor metadata.

Example with Sample Response

Find the first two patches

GET Request

https://<consoleFQDN:port>/st/console/api/v1.0/patch/patchmetadata?count=2

Sample Response

Copy 
{
    "count": 2,
    "links": {
        "next": {
            "href": "https://device-name.example.com:3121/st/console/api/v1.0/patch/patchmetadata?count=2&start=000000bb-0000-0000-0000-000000000000&orderBy=PatchId&sortOrder=Asc"
        }
    },
    "value": [
        {
            "affectedProducts": [
                "00000014-0000-0000-0000-000000000000"
            ],
            "bulletinId": "MS00-068",
            "bulletinReleaseDate": "2000-09-26T00:00:00",
            "bulletinTitle": "OCX Attachment Vulnerability",
            "familyId": 169,
            "familyName": "Windows Media Player",
            "fileSize": 267792,
            "isCustom": false,
            "kb": "Q274303",
            "links": {
                "self": {
                    "href": "https://device-name.example.com:3121/st/console/api/v1.0/patch/patchmetadata/00000093-0000-0000-0000-000000000000"
                }
            },
            "name": "WMSU28412.EXE",
            "patchId": "00000093-0000-0000-0000-000000000000",
            "patchType": "SecurityPatch",
            "releaseDate": "2000-09-26T00:00:00Z",
            "replacedBy": "",
            "summary": "OCX controls are containers that can hold multiple ActiveX controls. A particular OCX control, associated with Windows Media Player, could be used in a denial of service attack against RTF-enabled e-mail clients such as Microsoft Outlook and Outlook Express. If the affected control were programmatically embedded into an RTF mail and then sent to another user, the user?s mail client would fail when he closed the mail.",
            "vendorId": 1,
            "vendorName": "Microsoft",
            "vendorSeverity": "None"
        },
        {
            "affectedProducts": [
                "00000014-0000-0000-0000-000000000000"
            ],
            "bulletinId": "MS00-090",
            "bulletinReleaseDate": "2000-11-22T00:00:00",
            "bulletinTitle": ".ASX Buffer Overrun and .WMS Script Execution Vulnerabilities",
            "familyId": 169,
            "familyName": "Windows Media Player",
            "fileSize": 1582536,
            "isCustom": false,
            "kb": "Q280419",
            "links": {
                "self": {
                    "href": "https://device-name.example.com:3121/st/console/api/v1.0/patch/patchmetadata/000000ba-0000-0000-0000-000000000000"
                }
            },
            "name": "wmsu34419.EXE",
            "patchId": "000000ba-0000-0000-0000-000000000000",
            "patchType": "SecurityPatch",
            "replacedBy": "MS01-029",
            "summary": "Microsoft has released a patch that eliminates two security vulnerabilities in Microsoft Windows Media Player. These vulnerabilities could potentially enable a malicious user to cause a program of his choice to run on another user's computer.",
            "vendorId": 1,
            "vendorName": "Microsoft",
            "vendorSeverity": "None"
        }
    ]
}

Other Request Examples

GET Request

https://<consoleFQDN:port>/st/console/api/v1.0/patch/patchmetadata?count=10&orderBy=name&sortOrder=Asc

GET Request

https://<consoleFQDN:port>/st/console/api/v1.0/patch/patchmetadata/01234567-89AB-CDEF-0123-456789ABCDEF

GET Request

https://<consoleFQDN:port>/st/console/api/v1.0/patch/patchmetadata?kbs=KB929969

GET Request

https://<consoleFQDN:port>/st/console/api/v1.0/patch/patchmetadata?productversionids=1432,1437

GET Request

https://<consoleFQDN:port>/st/console/api/v1.0/patch/patchmetadata?iavaids=A2002-0007,2020-A-0533

Output Model

Name Type Description

affectedProducts

Guid[]

The list of unique product identifiers to which the patch applies. See Vendor Family Product Metadata to identify the product version that is associated with each ID.

bulletinId

String

The bulletin ID. May be null.

bulletinReleaseDate

String

The bulletin release date.

bulletinTitle

String

The title of the product bulletin.

cves

String[]

The CVEs associated with the patch.

familyId

Int32

The product family identifier.

familyName

String

The product family name.

fileSize

Integer

The size of the downloaded patch file. If multiple patch download languages exist, the size shown will be for the language selected in the Tools > Options > Display dialog within Security Controls.

iava

String

The Information Assurance Vulnerability Alert (IAVA) number/identifier as defined by DISA/NIST government agencies. Only available if you have the Government Edition of Security Controls.

isCustom

Boolean

Indicates if the patch is a custom patch.

kb

String

The KB number.

links

Links

Shows the related URL for the patch.

name

String

The name of the executable file.

patchId

Guid

The patch GUID.

patchType

KnownPatchType

The patch type. Possible values are SecurityPatch, SoftwareDistribution, SecurityTools, NonSecurityPatch and CustomActions.

releaseDate

DateTime

The date and time the patch was released. May be null.

replacedBy

String

The patch that replaces this patch.

summary

String

The bulletin or notification summary, if provided by the vendor.

vendorId

Int32

The ID of the vendor who issued the patch.

vendorName

String

The name of the vendor who issued the patch.

vendorSeverity

Enum

The severity assigned by the vendor. Possible values are None, Critical, Important, Moderate and Low.