Resource: Finding
A Finding resource represents a vulnerability instance identified during a ScanRun.
JSON representation (reconstructed from the field list below; the addon fields hold the objects defined later on this page):

```
{
  "name": string,
  "findingType": string,
  "severity": enum (Severity),
  "httpMethod": string,
  "fuzzedUrl": string,
  "body": string,
  "description": string,
  "reproductionUrl": string,
  "frameUrl": string,
  "finalUrl": string,
  "trackingId": string,
  "form": { object (Form) },
  "outdatedLibrary": { object (OutdatedLibrary) },
  "violatingResource": { object (ViolatingResource) },
  "vulnerableHeaders": { object (VulnerableHeaders) },
  "vulnerableParameters": { object (VulnerableParameters) },
  "xss": { object (Xss) }
}
```

| Field | Description |
|---|---|
| name | Output only. The resource name of the Finding. The name follows the format `projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}`. The finding IDs are generated by the system. |
| findingType | Output only. The type of the Finding. Detailed and up-to-date information on finding types is available at https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner |
| severity | Output only. The severity level of the reported vulnerability. |
| httpMethod | Output only. The HTTP method of the request that triggered the vulnerability, in uppercase. |
| fuzzedUrl | Output only. The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability. |
| body | Output only. The body of the request that triggered the vulnerability. |
| description | Output only. The description of the vulnerability. |
| reproductionUrl | Output only. The URL containing a human-readable payload that a user can use to reproduce the vulnerability. |
| frameUrl | Output only. If the vulnerability originated from a nested IFrame, the immediate parent IFrame is reported. |
| finalUrl | Output only. The URL where the browser lands when the vulnerability is detected. |
| trackingId | Output only. The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns. |
| form | Output only. An addon containing information reported for a vulnerability with an HTML form, if any. |
| outdatedLibrary | Output only. An addon containing information about outdated libraries. |
| violatingResource | Output only. An addon containing detailed information about any resource causing the vulnerability, such as JavaScript sources, images, audio files, etc. |
| vulnerableHeaders | Output only. An addon containing information about vulnerable or missing HTTP headers. |
| vulnerableParameters | Output only. An addon containing information about request parameters that were found to be vulnerable. |
| xss | Output only. An addon containing information reported for an XSS, if any. |
Severity
The severity level of a vulnerability.
| Enum | Description |
|---|---|
| SEVERITY_UNSPECIFIED | No severity specified. The default value. |
| CRITICAL | Critical severity. |
| HIGH | High severity. |
| MEDIUM | Medium severity. |
| LOW | Low severity. |
Form
Information about a vulnerability with an HTML form.

JSON representation:

```
{ "actionUri": string, "fields": [ string ] }
```

| Field | Description |
|---|---|
| actionUri | The URI the form is sent to when it is submitted. |
| fields[] | The names of form fields related to the vulnerability. |
OutdatedLibrary
Information reported for an outdated library.
JSON representation:

```
{ "libraryName": string, "version": string, "learnMoreUrls": [ string ] }
```

| Field | Description |
|---|---|
| libraryName | The name of the outdated library. |
| version | The version number. |
| learnMoreUrls[] | URLs with more information about the vulnerabilities in the library. |
ViolatingResource
Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.
JSON representation:

```
{ "contentType": string, "resourceUrl": string }
```

| Field | Description |
|---|---|
| contentType | The MIME type of this resource. |
| resourceUrl | URL of this violating resource. |
VulnerableHeaders
Information about vulnerable or missing HTTP headers.

JSON representation (reconstructed from the field list below; both lists hold Header objects):

```
{
  "headers": [ { object (Header) } ],
  "missingHeaders": [ { object (Header) } ]
}
```

| Field | Description |
|---|---|
| headers[] | List of vulnerable headers. |
| missingHeaders[] | List of missing headers. |
Header
Describes an HTTP header.

JSON representation:

```
{ "name": string, "value": string }
```

| Field | Description |
|---|---|
| name | Header name. |
| value | Header value. |
VulnerableParameters
Information about vulnerable request parameters.
JSON representation:

```
{ "parameterNames": [ string ] }
```

| Field | Description |
|---|---|
| parameterNames[] | The vulnerable parameter names. |
Xss
Information reported for an XSS.
JSON representation (the truncated attackVector and storedXssSeedingUrl entries are reconstructed from the field list below):

```
{
  "stackTraces": [ string ],
  "errorMessage": string,
  "attackVector": enum (AttackVector),
  "storedXssSeedingUrl": string
}
```

| Field | Description |
|---|---|
| stackTraces[] | Stack traces leading to the point where the XSS occurred. |
| errorMessage | An error message generated by a JavaScript breakage. |
| attackVector | The attack vector of the payload triggering this XSS. |
| storedXssSeedingUrl | The reproduction URL for the seeding POST request of a stored XSS. |
AttackVector
Types of XSS attack vector.
| Enum | Description |
|---|---|
| ATTACK_VECTOR_UNSPECIFIED | Unknown attack vector. |
| LOCAL_STORAGE | The attack comes from fuzzing the browser's localStorage. |
| SESSION_STORAGE | The attack comes from fuzzing the browser's sessionStorage. |
| WINDOW_NAME | The attack comes from fuzzing the window's name property. |
| REFERRER | The attack comes from fuzzing the referrer property. |
| FORM_INPUT | The attack comes from fuzzing an input element. |
| COOKIE | The attack comes from fuzzing the browser's cookies. |
| POST_MESSAGE | The attack comes from hijacking the post messaging mechanism. |
| GET_PARAMETERS | The attack comes from fuzzing parameters in the URL. |
| URL_FRAGMENT | The attack comes from fuzzing the fragment in the URL. |
| HTML_COMMENT | The attack comes from fuzzing the HTML comments. |
| POST_PARAMETERS | The attack comes from fuzzing the POST parameters. |
| PROTOCOL | The attack comes from fuzzing the protocol. |
| STORED_XSS | The attack comes from the server side and is stored. |
| SAME_ORIGIN | The attack is a Same-Origin Method Execution attack via a GET parameter. |
| USER_CONTROLLABLE_URL | The attack payload is received from a third-party host via a URL that is user-controllable. |
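As an added example (not part of this reference page or of the Web Security Scanner client libraries), the following Python triages Finding resources shaped like the JSON documented above: it validates the documented resource-name format, builds a one-line summary from whichever addon is present, and deduplicates repeated reports of the same vulnerability instance across ScanRuns using trackingId. The sample Findings and their findingType values are constructed for illustration.

```python
import re
# Constructed sample Findings shaped like the Finding JSON documented above;
# the findingType values are placeholders, not real scanner finding types.
SAMPLE_FINDINGS = [
    {"name": "projects/p1/scanConfigs/c1/scanruns/r1/findings/f1",
     "findingType": "SAMPLE_XSS", "severity": "HIGH", "httpMethod": "GET",
     "finalUrl": "https://app.example/search?q=1", "trackingId": "t-1",
     "xss": {"attackVector": "GET_PARAMETERS", "stackTraces": [], "errorMessage": ""}},
    {"name": "projects/p1/scanConfigs/c1/scanruns/r1/findings/f2",
     "findingType": "SAMPLE_HEADERS", "severity": "LOW", "httpMethod": "GET",
     "finalUrl": "https://app.example/", "trackingId": "t-2",
     "vulnerableHeaders": {"headers": [],
                           "missingHeaders": [{"name": "X-Frame-Options", "value": ""}]}},
    # Same trackingId as f1: the same vulnerability instance seen again in a later ScanRun.
    {"name": "projects/p1/scanConfigs/c1/scanruns/r2/findings/f3",
     "findingType": "SAMPLE_XSS", "severity": "HIGH", "httpMethod": "GET",
     "finalUrl": "https://app.example/search?q=1", "trackingId": "t-1",
     "xss": {"attackVector": "GET_PARAMETERS", "stackTraces": [], "errorMessage": ""}},
]
# Resource name format documented for Finding.name.
NAME_RE = re.compile(
    r"^projects/(?P<projectId>[^/]+)/scanConfigs/(?P<scanConfigId>[^/]+)"
    r"/scanruns/(?P<scanRunId>[^/]+)/findings/(?P<findingId>[^/]+)$")
SEVERITY_RANK = {"CRITICAL": 4, "HIGH": 3, "MEDIUM": 2, "LOW": 1, "SEVERITY_UNSPECIFIED": 0}

def parse_name(name):
    """Split a Finding resource name into its path ids; reject anything else."""
    m = NAME_RE.match(name)
    if not m:
        raise ValueError("unexpected Finding name: %r" % name)
    return m.groupdict()

def summarize(finding):
    """One-line triage summary; the addon present decides the detail shown."""
    detail = ""
    if "vulnerableHeaders" in finding:
        missing = [h["name"] for h in finding["vulnerableHeaders"].get("missingHeaders", [])]
        detail = "missing=" + ",".join(missing)
    elif "xss" in finding:
        detail = "vector=" + finding["xss"].get("attackVector", "ATTACK_VECTOR_UNSPECIFIED")
    parts = [finding["severity"], finding["findingType"], finding["httpMethod"], finding["finalUrl"], detail]
    return " ".join(p for p in parts if p)

def prioritize(findings):
    """Deduplicate on trackingId (stable across ScanRuns), then order by severity."""
    unique = {}
    for f in findings:
        unique.setdefault(f["trackingId"], f)  # keep the first occurrence of each instance
    return sorted(unique.values(), key=lambda f: -SEVERITY_RANK.get(f["severity"], 0))
```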
Methods

| Method | Description |
|---|---|
| (name not preserved) | Gets a Finding. |
| (name not preserved) | Lists Findings under a given ScanRun. |