Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing vulnerability data from tio.exports.vulns() #707

Open
kwwv opened this issue Jun 15, 2023 · 7 comments
Open

Missing vulnerability data from tio.exports.vulns() #707

kwwv opened this issue Jun 15, 2023 · 7 comments
Labels
Tenable.io Tenable.io Package upstream-api The issue is related to the calling API or API Docs

Comments

@kwwv
Copy link

kwwv commented Jun 15, 2023

Describe the bug
We have been using the tio.exports.vulns(severity=['Critical', 'High', 'Medium']) endpoint in an automated fashion for months. Recently, I noticed assets and vulnerabilities are missing. Specifically, in the most recent export I see data for 165 assets; there should be 377 assets in that response. Did this endpoint change?

To Reproduce
Here is the code I am using:

    vulns = tio.exports.vulns(severity=['Critical', 'High', 'Medium'])
    waiting = True
    while waiting:
        stat = t.tio.exports.status('vulns', vulns.uuid)
        if stat["status"] != "FINISHED":
            print("Export not finished -- waiting:")
            print(stat)
            time.sleep(60)
        else:
            for x in vulns:
                pprint(x)
@aseemsavio aseemsavio added upstream-api The issue is related to the calling API or API Docs Tenable.io Tenable.io Package labels Jun 16, 2023
@aseemsavio
Copy link
Collaborator

Hello, this behavior isn't controlled by pyTenable and seems to be an issue in the upstream API.

@kwwv
Copy link
Author

kwwv commented Jun 16, 2023

Ok. I created an issue with Tenable.io support. So strange, our API responses are significantly different than two weeks ago.

@mcarrenstellar
Copy link

We have the same issue with tio.exports.vulns. We are unable to get any vulns with this method, even though many Agent discovered vulnerabilities are present in the Tenable.IO dashboard. We have been unable to get support from Tenable. Do you know how this method changed?

@aseemsavio
Copy link
Collaborator

@mcarrenstellar This method hasn't changed in a long time. Could you elaborate on "We are unable to get any vulns with this method"? - What filters are you passing? Did the API calls succeed without pyTenable? etc.

@mcarrenstellar
Copy link

@aseemsavio We are not using any filters except for "since" , we get an epoch timestamp representing the last time we ran our script. This is an example. We are able to get scan reports with largely the same method, but not vulnerabilities. We don't use the API directly, just PyTenable.

`from tenable.io import TenableIO
access_key = ""
secret_key = ""

start_time = 1684608030

tio = TenableIO(access_key, secret_key)
print("###### QUERYING VULNS ######")
for vuln in tio.exports.vulns(since=start_time):
print(vuln)

for vuln in tio.exports.vulns():
print(vuln)`

@sanchirico
Copy link

@mcarrenstellar You need to wait for the export to finish, see the example code in the original issue

@sanchirico
Copy link

@aseemsavio This seems to be resolved now along with the asset export issue. @kwwv is no longer active, I'm working on the same project

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Tenable.io Tenable.io Package upstream-api The issue is related to the calling API or API Docs
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@aseemsavio @sanchirico @kwwv @mcarrenstellar