Public/Get-FODVulnerabilities.ps1
|
function Get-FODVulnerabilities { <# .SYNOPSIS Get information about FOD vulnerabilities. .DESCRIPTION Get information about FOD vulnerabilities. .PARAMETER ApplicationName The Name of the application to import into. .PARAMETER ReleaseName The Name of the release to import into. Note: Both ApplicationName and ReleaseName are required if not specifying ReleaseId .PARAMETER ReleaseId The Id of the Release to get vulnerabilities for. .PARAMETER Filters A delimited list of field filters. .PARAMETER OrderBy The field name to order the results by. .PARAMETER OrderByDirection The direction to order the results by. ASC and DESC are valid values. .PARAMETER Fields Comma separated list of fields to return. .PARAMETER ExcludeFilters Filter data should be excluded in the return value. .PARAMETER IncludeFixed Items that have been fixed should be included in the return value. .PARAMETER IncludeSuppressed items that have been suppressed should be included in the return value. .PARAMETER KeywordSearch Used for keyword searches. .PARAMETER Paging If specified, and more data is available after loading limit of vulnerabilities, continue querying FOD until we have retrieved all the data available. .PARAMETER Limit Limit the number of vulnerabilities returned to this number. Maximum value is 50. Default is 50. .PARAMETER Raw If specified, provide raw output and do not parse any responses. .PARAMETER Token FOD token to use. If empty, the value from PS4FOD will be used. .PARAMETER Proxy Proxy server to use. Default value is the value set by Set-FODConfig .EXAMPLE # Get all of the vulnerabilities for release id 1000 through Paging Get-FODVulnerabilities -Release Id 1000 -Paging .EXAMPLE # Get all vulnerabilities with "critical" or "high" severity for release id 1000 Get-FODVulnerabilities -Release Id 1000 -Paging -Filters "severityString:Critical|High" .LINK https://api.ams.fortify.com/swagger/ui/index#!/Vulnerabilities/VulnerabilitiesV3_GetVulnerabilities .FUNCTIONALITY Fortify on Demand #> [CmdletBinding()] param ( [Parameter()] [string]$ApplicationName, [Parameter()] [string]$ReleaseName, [Parameter()] [int]$ReleaseId, [string]$Filters, [string]$OrderBy, [string]$OrderByDirection, [string]$Fields, [switch]$ExcludeFilters, [switch]$IncludeFixed, [switch]$IncludeSuppressed, [string]$KeywordSearch, [switch]$Raw, [switch]$Paging, [int]$Limit = 50, [Parameter()] [ValidateNotNullOrEmpty()] [string]$Token = $Script:PS4FOD.Token, [Parameter()] [ValidateNotNullOrEmpty()] [string]$ApiUri = $Script:PS4FOD.ApiUri, [Parameter()] [ValidateNotNullOrEmpty()] [string]$Proxy = $Script:PS4FOD.Proxy, [switch]$ForceVerbose = $Script:PS4FOD.ForceVerbose ) begin { # If we don't have a ReleaseId we have to find it using API if (-not $ReleaseId) { try { $ReleaseId = Get-FODReleaseId -ApplicationName $ApplicationName -ReleaseName $ReleaseName } catch { Write-Error $_ Break } } $Params = @{} if ($Proxy) { $Params['Proxy'] = $Proxy } if ($ForceVerbose) { $Params.Add('ForceVerbose', $True) $VerbosePreference = "Continue" } Write-Verbose "Get-FODVulnerabilities Bound Parameters: $( $PSBoundParameters | Remove-SensitiveData | Out-String )" $Body = @{ offset = 0 limit = $Limit } if ($Filters) { $Body.Add("filters", $Filters) } if ($OrderBy) { $Body.Add("orderBy", $OrderBy) } if ($OrderByDirection) { if ($OrderByDirection -eq "ASC" -or $OrderByDirection -eq "DESC") { $Body.Add("orderByDirection", $OrderByDirection) } else { Write-Error "OrderBy can only be ASC or DESC." Break } } if ($Fields) { $Body.Add("fields", $Fields) } if ($ExcludeFilters) { $Body.Add("excludeFilters", "true") } else { #$Body.Add("excludeFilters", "false") } if ($IncludeFixed) { $Body.Add("includeFixed", "true") } else { #$Body.Add("includeFixed", "false") } if ($IncludeSuppressed) { $Body.Add("includeSuppressed", "true") } else { #$Body.Add("includeSuppressed", "false") } if ($KeywordSearch) { $Body.Add("keywordSearch", $KeywordSearch) } if ($Limit -gt 50) { Write-Error "Maximum value for Limit is 50." Break } $RawVulnerabilities = @() $HasMore = $false $TotalCount = 0 $LoadedCount = 0 $LoadLimit = $Limit } process { do { Write-Verbose "Send-FODApi -Method Get -Operation '/api/v3/releases/$ReleaseId/vulnerabilities'" #$Params $Response = Send-FODApi -Method Get -Operation "/api/v3/releases/$ReleaseId/vulnerabilities" -Body $Body @Params $TotalCount = $Response.totalCount if ($TotalCount -lt $LoadLimit) { $LoadedCount += $TotalCount $HasMore = $false } elseif ($LoadedCount -lt ($TotalCount - $LoadLimit)) { $HasMore = $true $LoadedCount += $LoadLimit $Body.Remove("offset") $Body.Add("offset", $LoadedCount) } else { $HasMore = $false } $RawVulnerabilities += $Response.items } until ( -not $Paging -or -not $HasMore ) Write-Verbose "Loaded $TotalCount vulnerabilities" } end { if ($Raw) { $RawVulnerabilities } else { Parse-FODVulnerability -InputObject $RawVulnerabilities } } } |