Domain name for API request: cwp.intl.tencentcloudapi.com.
This API is used to query the application protection allowlist attack type list.
A maximum of 20 requests can be initiated per second for this API.
The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
| Parameter Name | Required | Type | Description |
|---|---|---|---|
| Action | Yes | String | Common Params. The value used for this API: DescribeAttackType. |
| Version | Yes | String | Common Params. The value used for this API: 2018-02-28. |
| Region | No | String | Common Params. This parameter is not required. |
| Filters.N | Yes | Array of Filter | Filter criteria |
| Limit | No | Integer | Number of entries to be returned. Default value: 10. Maximum value: 1000. |
| Offset | No | Integer | Offset. Default value: 0. |
| By | No | String | Sorting field. Currently available: Id. Default sorting order is by Id. Can be omitted. |
| Order | No | String | Sorting method: DESC, ASC. |
| Parameter Name | Type | Description |
|---|---|---|
| List | Array of RaspAttackTypeListItem | List content |
| TotalCount | Integer | Total number of entries |
| RequestId | String | The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem. |
POST / HTTP/1.1
Host: cwp.intl.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeAttackType
<Common request parameters>
{
"Filters": [
{
"Name": "Keywords",
"Values": [
"sda"
]
}
]
}
{
"Response": {
"List": [
{
"AttackTypeID": 18,
"AttackTypeName": "JSTL arbitrary file inclusion"
"Source": "rasp"
},
{
"AttackTypeID": 34,
"AttackTypeName": "High risk method invocation",
"Source": "rasp"
},
{
"AttackTypeID": 33,
"AttackTypeName": "WebShell backdoor"
"Source": "rasp"
},
{
"AttackTypeID": 31,
"AttackTypeName": "IP/URL block"
"Source": "rasp"
},
{
"AttackTypeID": 30,
"AttackTypeName": "Malicious reflection call"
"Source": "rasp"
},
{
"AttackTypeID": 29,
"AttackTypeName": "SQL injection"
"Source": "rasp"
},
{
"AttackTypeID": 28,
"AttackTypeName": "Memory shell injection",
"Source": "memshell_inject"
},
{
"AttackTypeID": 27,
"AttackTypeName": "Malicious Attach"
"Source": "rasp"
},
{
"AttackTypeID": 26,
"AttackTypeName": "Malicious External Link"
"Source": "rasp"
},
{
"AttackTypeID": 25,
"AttackTypeName": "Engine injection",
"Source": "rasp"
},
{
"AttackTypeID": 24,
"AttackTypeName": "XML entity injection"
"Source": "rasp"
},
{
"AttackTypeID": 23,
"AttackTypeName": "Malicious DNS query",
"Source": "rasp"
},
{
"AttackTypeID": 22,
"AttackTypeName": "JNI injection"
"Source": "rasp"
},
{
"AttackTypeID": 21,
"AttackTypeName": "Malicious class load"
"Source": "rasp"
},
{
"AttackTypeID": 20,
"AttackTypeName": "Dangerous protocol usage"
"Source": "rasp"
},
{
"AttackTypeID": 19,
"AttackTypeName": "Thread injection"
"Source": "rasp"
},
{
"AttackTypeID": 17,
"AttackTypeName": "Expression injection"
"Source": "rasp"
},
{
"AttackTypeID": 16,
"AttackTypeName": "HTTP information acquisition"
"Source": "rasp"
},
{
"AttackTypeID": 15,
"AttackTypeName": "Command execution"
"Source": "rasp"
},
{
"AttackTypeID": 14,
"AttackTypeName": "JNDI injection"
"Source": "rasp"
},
{
"AttackTypeID": 13,
"AttackTypeName": "Malicious file read/write"
"Source": "rasp"
},
{
"AttackTypeID": 12,
"AttackTypeName": "Arbitrary File Deletion",
"Source": "rasp"
},
{
"AttackTypeID": 11,
"AttackTypeName": "Path traversal"
"Source": "rasp"
},
{
"AttackTypeID": 10,
"AttackTypeName": "Malicious File Upload"
"Source": "rasp"
},
{
"AttackTypeID": 9,
"AttackTypeName": "Arbitrary File Read"
"Source": "rasp"
},
{
"AttackTypeID": 36,
"AttackTypeName": "XPath injection vulnerability",
"Source": "rasp"
},
{
"AttackTypeID": 37,
"AttackTypeName": "URL redirection vulnerability",
"Source": "rasp"
},
{
"AttackTypeID": 38,
"AttackTypeName": "Other type deserialization vulnerability"
"Source": "rasp"
},
{
"AttackTypeID": 39,
"AttackTypeName": "JDBC vulnerability"
"Source": "rasp"
},
{
"AttackTypeID": 40,
"AttackTypeName": "rule mode"
"Source": "rasp"
},
{
"AttackTypeID": 41,
"AttackTypeName": "Scanner Detection"
"Source": "rasp"
},
{
"AttackTypeID": 52,
"AttackTypeName": "Spring framework reflected file download vulnerability (CVE-2020-5421)"
"Source": "rasp"
},
{
"AttackTypeID": 44,
"AttackTypeName": "Apache Flink arbitrary file read vulnerability (CVE-2020-17519)"
"Source": "rasp"
},
{
"AttackTypeID": 43,
"AttackTypeName": "Openfire identity authentication bypass vulnerability (CVE-2023-32315)"
"Source": "rasp"
},
{
"AttackTypeID": 45,
"AttackTypeName": "GeoServer Jiffle Remote Code Execution Vulnerability (CVE-2022-24816)"
"Source": "rasp"
},
{
"AttackTypeID": 46,
"AttackTypeName": "OpenTSDB command injection vulnerability (CVE-2020-35476)",
"Source": "rasp"
},
{
"AttackTypeID": 47,
"AttackTypeName": "Bitbucket Server command injection vulnerability (CVE-2022-36804)",
"Source": "rasp"
},
{
"AttackTypeID": 48,
"AttackTypeName": "Atlassian Crowd and Atlassian Crowd Data Center input validation error vulnerability (CVE-2019-11580)"
"Source": "rasp"
},
{
"AttackTypeID": 49,
"AttackTypeName": "Apache Tomcat DoS vulnerability (CVE-2020-13935)",
"Source": "rasp"
},
{
"AttackTypeID": 50,
"AttackTypeName": "Atlassian Confluence Data Center and Server access control vulnerability (CVE-2023-22515)"
"Source": "rasp"
},
{
"AttackTypeID": 51,
"AttackTypeName": "Atlassian Confluence Data Center and Server privilege bypass vulnerability (CVE-2023-22518)"
"Source": "rasp"
},
{
"AttackTypeID": 1,
"AttackTypeName": "Log4shell vulnerability"
"Source": "rasp"
},
{
"AttackTypeID": 42,
"AttackTypeName": "JetBrains TeamCity Security Vulnerability"
"Source": "rasp"
},
{
"AttackTypeID": 35,
"AttackTypeName": "Springboot Actuator unauthorized access vulnerability",
"Source": "rasp"
},
{
"AttackTypeID": 32,
"AttackTypeName": "Tomcat AJP Arbitrary File Read/Contain Vulnerabilities (CVE-2020-1938)"
"Source": "rasp"
},
{
"AttackTypeID": 8,
"AttackTypeName": "Apache Kafka Connect JNDI Injection Vulnerability"
"Source": "rasp"
},
{
"AttackTypeID": 7,
"AttackTypeName": "Spring4Shell remote code execution vulnerability (CVE-2022-22965)"
"Source": "rasp"
},
{
"AttackTypeID": 6,
"AttackTypeName": "Apache RocketMQ remote code execution vulnerability (CVE-2023-33246)",
"Source": "rasp"
},
{
"AttackTypeID": 5,
"AttackTypeName": "Jenkins Remoting arbitrary file read vulnerability"
"Source": "rasp"
},
{
"AttackTypeID": 4,
"AttackTypeName": "Java deserialization vulnerability"
"Source": "rasp"
},
{
"AttackTypeID": 3,
"AttackTypeName": "XStream deserialization vulnerability"
"Source": "rasp"
},
{
"AttackTypeID": 2,
"AttackTypeName": "FastJson deserialization vulnerability"
"Source": "rasp"
}
],
"RequestId": "21342534-5a16-40e1-8f59-60d2f378ee7d",
"TotalCount": 52
}
}
TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.
The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.
| Error Code | Description |
|---|---|
| InternalError | Internal error |
| InvalidParameter | Incorrect parameter. |
| InvalidParameter.DateRange | Incorrect time range format. |
| InvalidParameter.IllegalRequest | Invalid request. |
| InvalidParameter.InvalidFormat | Incorrect parameter format. |
| InvalidParameter.MissingParameter | Missing parameter. |
| InvalidParameter.ParsingError | Incorrect parameter parsing. |
| InvalidParameter.RegexRuleError | The regular expression parameter format is incorrect. |
| InvalidParameterValue | Invalid parameter value. |
| LimitExceeded.AreaQuota | The maximum number for batch addition is exceeded. |
| MissingParameter | Missing parameter error. |
| ResourceNotFound | The resource does not exist. |
Was this page helpful?
You can also Contact sales or Submit a Ticket for help.
Help us improve! Rate your documentation experience in 5 mins.
Feedback