CRITIFENCE API V1

SCADA Vulnerabilities and Exposures Database (SVE) API

SCADA Vulnerabilities and Exposures Database (SVE) API provides methods to search CRITIFENCE's ongoing research databases
and to get summary information about cyber security vulnerabilities which affected Critical Infrastructure, SCADA and Industrial Control Systems hardware equipment.

Base URL

The base URL for SCADA Vulnerabilities and Exposures Database (SVE) API methods is:

http://api.critifence.com/v1/sve


Methods

GET

/product_vulns/{product}

Product Vulnerabilities

Returns vulnerability information that have been found on the given product.


Request URL
http://api.critifence.com/v1/sve/product_vulns/{product}

Parameters
  • api_key: [String] API Key
  • product: [String] Product name

Python Example Request
#!/usr/bin/env python
import json
import requests

API_KEY = 'YOUR_API_KEY'
API_URL = 'http://api.critifence.com/v1/sve'
METHOD = '/product_vulns'

PRODUCT = 'Moxa EDR-810'

url = API_URL + METHOD
params = dict(
    api_key=API_KEY,
    product=PRODUCT
)

response = requests.get(url, params=params)
results = json.loads(response.text)
print results

Sample Response
{
	"sveid":"320314477",
	"date":"2016-10-20",
	"title":"Moxa EDR-810 Industrial Secure Router Privilege Escalation Vulnerability",
	"platform":"Moxa",
	"product":"Moxa EDR-810",
	"version":"EDR-810",
	"author":"Maxim Rupp",
	"status":"Verified",
	"vuln_app":"N/A",
	"edbid":"N/A",
	"cveid":"CVE-2016-8346",
	"osvdbid":"N/A",
	"cwe":"N/A",
	"signature_id":"N/A",
	"type":"NETWORK"
}


GET

/sve_info/{sveid}

SVE Vulnerability Information

Returns cyber security vulnerability information that have been found on the given SCADA Vulnerabilities and Exposures Database vulnerability ID (SVEID).


Request URL
http://api.critifence.com/v1/sve/sve_info/{sveid}

Parameters
  • api_key: [String] API Key
  • sveid: [String] SVE Vulnerability ID (SVEID)

Python Example Request
#!/usr/bin/env python
import json
import requests

API_KEY = 'YOUR_API_KEY'
API_URL = 'http://api.critifence.com/v1/sve'
METHOD = '/sve_info'

SVEID = '803484475'

url = API_URL + METHOD
params = dict(
    api_key=API_KEY,
    sveid=SVEID
)

response = requests.get(url, params=params)
results = json.loads(response.text)
print results

Sample Response
{
	"sveid":"803484475","date":"2017-05-04",
	"title":"Rockwell Automation ControlLogix 5580 and CompactLogix 5380",
	"platform":"Rockwell Automation",
	"product":"ControlLogix",
	"version":"ControlLogix 5580 / ControlLogix 5380",
	"author":"N/A",
	"status":"Verified",
	"vuln_app":"N/A",
	"edbid":"N/A",
	"cveid":"CVE-2017-6024",
	"osvdbid":"N/A",
	"cwe":"N/A",
	"signature_id":"N/A",
	"type":"Other"
}