DescribeVULRiskDetail
Last updated:2026-01-29 18:11:46
DescribeVULRiskDetail
Last updated: 2026-01-29 18:11:46
1. API Description
Domain name for API request: csip.intl.tencentcloudapi.com.
Retrieve vulnerability details.
A maximum of 20 requests can be initiated per second for this API.
We recommend you to use API Explorer
Try it
API Explorer provides a range of capabilities, including online call, signature authentication, SDK code generation, and API quick search. It enables you to view the request, response, and auto-generated examples.
2. Input Parameters
The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
| Parameter Name | Required | Type | Description |
|---|---|---|---|
| Action | Yes | String | Common Params. The value used for this API: DescribeVULRiskDetail. |
| Version | Yes | String | Common Params. The value used for this API: 2022-11-21. |
| Region | No | String | Common Params. This parameter is not required. |
| MemberId.N | No | Array of String | Group Account Member ID |
| RiskId | No | String | Risk id. |
| PCMGRId | No | String | pcMgrId |
3. Output Parameters
| Parameter Name | Type | Description |
|---|---|---|
| ServiceSupport | Array of ServiceSupport | Security product support. |
| VulTrend | Array of VulTrend | Vulnerability trends. |
| VulData | VULRiskInfo | Vulnerability supplementary information. |
| QuestionId | String | Assistant q&a id. |
| SessionId | String | Session ID |
| RequestId | String | The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem. |
4. Example
Example1 Retrieve Vulnerability Display Details
Retrieve vulnerability details
Input Example
POST / HTTP/1.1
Host: csip.intl.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeVULRiskDetail
<Common request parameters>
{
"PCMGRId": "pcmgr-33429"
}Output Example
{
"Response": {
"QuestionId": "id-21b41oi",
"RequestId": "46d36ab9-84d0-4ad1-bc9f-284742f231b9",
"ServiceSupport": [
{
"IsSupport": false,
"ServiceName": "cfw_waf_virtual",
"SupportHandledCount": 0,
"SupportTotalCount": 0
},
{
"IsSupport": false,
"ServiceName": "cwp_detect",
"SupportHandledCount": 0,
"SupportTotalCount": 0
},
{
"IsSupport": false,
"ServiceName": "cwp_defense",
"SupportHandledCount": 0,
"SupportTotalCount": 0
},
{
"IsSupport": false,
"ServiceName": "cwp_fix",
"SupportHandledCount": 0,
"SupportTotalCount": 0
}
],
"SessionId": "12040124",
"VulData": {
"Describe": "Vim has an input validation vulnerability. Since it does not correctly filter escape characters, Vim 3.0 from version 7.2.010 to 7.x cannot properly escape characters. This allows a user-assisted attacker to (1) execute arbitrary shell commands by inputting K keystrokes on a line containing a semicolon followed by a command, or through (2) inputting parameters after Ctrl-] (control parentheses) or (3) g] (g parentheses) to execute arbitrary Ex commands. The keystroke sequence differs from the issue in CVE-2008-2712."
"Fix": "We recommend that you update the current system or software to the latest version to complete vulnerability fixes. Reference link: https://www.vim.org/download.php"
"ImpactComponent": [
{
"Component": "vim",
"Version": "1.0.1"
}
],
"References": "http://ftp.vim.org/pub/vim/patches/7.2/7.2.010,http://groups.google.com/group/vim_dev/attach/9290f26f9bc11b33/K-arbitrary-command-execution.patch.v3?part=2,http://groups.google.com/group/vim_dev/attach/dd32ad3a84f36bb2/K-arbitrary-command-execution.patch?part=2,http://groups.google.com/group/vim_dev/browse_thread/thread/1434d0812b5c817e/6ad2d5b50a96668e,http://groups.google.com/group/vim_dev/msg/9290f26f9bc11b33,http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html,http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html,http://secunia.com/advisories/31592,http://secunia.com/advisories/32222,http://secunia.com/advisories/32858,http://secunia.com/advisories/32864,http://secunia.com/advisories/33410,http://support.apple.com/kb/HT3216,http://support.apple.com/kb/HT4077,http://support.avaya.com/elmodocs2/security/ASA-2008-457.htm,http://support.avaya.com/elmodocs2/security/ASA-2009-001.htm,http://www.mandriva.com/security/advisories?name=MDVSA-2008:236,http://www.openwall.com/lists/oss-security/2008/09/11/3,http://www.openwall.com/lists/oss-security/2008/09/11/4,http://www.openwall.com/lists/oss-security/2008/09/16/5,http://www.openwall.com/lists/oss-security/2008/09/16/6,http://www.rdancer.org/vulnerablevim-K.html,http://www.redhat.com/support/errata/RHSA-2008-0580.html,http://www.redhat.com/support/errata/RHSA-2008-0617.html,http://www.redhat.com/support/errata/RHSA-2008-0618.html,http://www.securityfocus.com/archive/1/495662,http://www.securityfocus.com/archive/1/495703,http://www.securityfocus.com/archive/1/502322/100/0/threaded,http://www.securityfocus.com/bid/30795,http://www.securityfocus.com/bid/31681,http://www.ubuntu.com/usn/USN-712-1,http://www.vmware.com/security/advisories/VMSA-2009-0004.html,http://www.vupen.com/english/advisories/2008/2780,http://www.vupen.com/english/advisories/2009/0033,http://www.vupen.com/english/advisories/2009/0904,https://bugzilla.redhat.com/show_bug.cgi?id=461927,https://exchange.xforce.ibmcloud.com/vulnerabilities/44626,https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10894,https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5812"
},
"VulTrend": [
{
"AffectAssetCount": 0,
"AffectUserCount": 0,
"AttackCount": 0,
"Date": "2023-12-05"
},
{
"AffectAssetCount": 0,
"AffectUserCount": 0,
"AttackCount": 0,
"Date": "2023-12-06"
},
{
"AffectAssetCount": 0,
"AffectUserCount": 0,
"AttackCount": 0,
"Date": "2023-12-07"
},
{
"AffectAssetCount": 0,
"AffectUserCount": 0,
"AttackCount": 0,
"Date": "2023-12-08"
},
{
"AffectAssetCount": 0,
"AffectUserCount": 0,
"AttackCount": 0,
"Date": "2023-12-09"
},
{
"AffectAssetCount": 0,
"AffectUserCount": 0,
"AttackCount": 0,
"Date": "2023-12-10"
},
{
"AffectAssetCount": 0,
"AffectUserCount": 0,
"AttackCount": 0,
"Date": "2023-12-11"
}
]
}
}5. Developer Resources
SDK
TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.
- Tencent Cloud SDK 3.0 for Python
- Tencent Cloud SDK 3.0 for Java
- Tencent Cloud SDK 3.0 for PHP
- Tencent Cloud SDK 3.0 for Go
- Tencent Cloud SDK 3.0 for Node.js
- Tencent Cloud SDK 3.0 for .NET
- Tencent Cloud SDK 3.0 for C++
Command Line Interface
6. Error Code
The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.
| Error Code | Description |
|---|---|
| AuthFailure | CAM signature/authentication error. |
| DryRunOperation | The request would have succeeded, but the DryRun parameter was used. |
| FailedOperation | Operation failed. |
| InternalError | An internal error occurs. |
| InvalidParameter | The parameter is incorrect. |
| InvalidParameterValue | Invalid parameter value. |
| LimitExceeded | The quota limit is reached. |
| MissingParameter | Missing parameters. |
| OperationDenied | Operation denied. |
| RequestLimitExceeded | Too many requests. |
| ResourceInUse | Occupied resource |
| ResourceInsufficient | Resources are insufficient. |
| ResourceNotFound | The resource doesn't exist. |
| ResourceUnavailable | The resource is unavailable |
| ResourcesSoldOut | The resources have been sold out. |
| UnauthorizedOperation | The operation is unauthorized. |
| UnknownParameter | The parameter is unknown. |
| UnsupportedOperation | The operation is not supported. |
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No
Feedback