Skip to content

/AWS1/CL_IN2VULNERABILITY

Contains details about a specific vulnerability Amazon Inspector can detect.

CONSTRUCTOR

IMPORTING

Required arguments:

iv_id TYPE /AWS1/IN2NONEMPTYSTRING /AWS1/IN2NONEMPTYSTRING

The ID for the specific vulnerability.

Optional arguments:

it_cwes TYPE /AWS1/CL_IN2CWES_W=>TT_CWES TT_CWES

The Common Weakness Enumeration (CWE) associated with the vulnerability.

io_cisadata TYPE REF TO /AWS1/CL_IN2CISADATA /AWS1/CL_IN2CISADATA

An object that contains the Cybersecurity and Infrastructure Security Agency (CISA) details for the vulnerability.

iv_source TYPE /AWS1/IN2VULNERABILITYSOURCE /AWS1/IN2VULNERABILITYSOURCE

The source of the vulnerability information. Possible results are RHEL, AMAZON_CVE, DEBIAN or NVD.

iv_description TYPE /AWS1/IN2VULNERABILITYDESC /AWS1/IN2VULNERABILITYDESC

A description of the vulnerability.

io_atigdata TYPE REF TO /AWS1/CL_IN2ATIGDATA /AWS1/CL_IN2ATIGDATA

An object that contains information about the Amazon Web Services Threat Intel Group (ATIG) details for the vulnerability.

iv_vendorseverity TYPE /AWS1/IN2VENDORSEVERITY /AWS1/IN2VENDORSEVERITY

The severity assigned by the vendor.

io_cvss4 TYPE REF TO /AWS1/CL_IN2CVSS4 /AWS1/CL_IN2CVSS4

An object that contains the Common Vulnerability Scoring System (CVSS) Version 4 details for the vulnerability.

io_cvss3 TYPE REF TO /AWS1/CL_IN2CVSS3 /AWS1/CL_IN2CVSS3

An object that contains the Common Vulnerability Scoring System (CVSS) Version 3 details for the vulnerability.

it_relatedvulnerabilities TYPE /AWS1/CL_IN2RELATEDVULNERABI00=>TT_RELATEDVULNERABILITIES TT_RELATEDVULNERABILITIES

A list of related vulnerabilities.

io_cvss2 TYPE REF TO /AWS1/CL_IN2CVSS2 /AWS1/CL_IN2CVSS2

An object that contains the Common Vulnerability Scoring System (CVSS) Version 2 details for the vulnerability.

iv_vendorcreatedat TYPE /AWS1/IN2VENDORCREATEDAT /AWS1/IN2VENDORCREATEDAT

The date and time when the vendor created this vulnerability.

iv_vendorupdatedat TYPE /AWS1/IN2VENDORUPDATEDAT /AWS1/IN2VENDORUPDATEDAT

The date and time when the vendor last updated this vulnerability.

iv_sourceurl TYPE /AWS1/IN2VULNERABILITYSRCURL /AWS1/IN2VULNERABILITYSRCURL

A link to the official source material for this vulnerability.

it_referenceurls TYPE /AWS1/CL_IN2VULNERABILITYREF00=>TT_VULNERABILITYREFERENCEURLS TT_VULNERABILITYREFERENCEURLS

Links to various resources with more information on this vulnerability.

io_exploitobserved TYPE REF TO /AWS1/CL_IN2EXPLOITOBSERVED /AWS1/CL_IN2EXPLOITOBSERVED

An object that contains details on when the exploit was observed.

it_detectionplatforms TYPE /AWS1/CL_IN2DETECTPLATFORMS_W=>TT_DETECTIONPLATFORMS TT_DETECTIONPLATFORMS

Platforms that the vulnerability can be detected on.

io_epss TYPE REF TO /AWS1/CL_IN2EPSS /AWS1/CL_IN2EPSS

An object that contains the Exploit Prediction Scoring System (EPSS) score for a vulnerability.

Queryable Attributes

id

The ID for the specific vulnerability.

Accessible with the following methods

Method Description
GET_ID() Getter for ID, with configurable default
ASK_ID() Getter for ID w/ exceptions if field has no value
HAS_ID() Determine if ID has a value

cwes

The Common Weakness Enumeration (CWE) associated with the vulnerability.

Accessible with the following methods

Method Description
GET_CWES() Getter for CWES, with configurable default
ASK_CWES() Getter for CWES w/ exceptions if field has no value
HAS_CWES() Determine if CWES has a value

cisaData

An object that contains the Cybersecurity and Infrastructure Security Agency (CISA) details for the vulnerability.

Accessible with the following methods

Method Description
GET_CISADATA() Getter for CISADATA

source

The source of the vulnerability information. Possible results are RHEL, AMAZON_CVE, DEBIAN or NVD.

Accessible with the following methods

Method Description
GET_SOURCE() Getter for SOURCE, with configurable default
ASK_SOURCE() Getter for SOURCE w/ exceptions if field has no value
HAS_SOURCE() Determine if SOURCE has a value

description

A description of the vulnerability.

Accessible with the following methods

Method Description
GET_DESCRIPTION() Getter for DESCRIPTION, with configurable default
ASK_DESCRIPTION() Getter for DESCRIPTION w/ exceptions if field has no value
HAS_DESCRIPTION() Determine if DESCRIPTION has a value

atigData

An object that contains information about the Amazon Web Services Threat Intel Group (ATIG) details for the vulnerability.

Accessible with the following methods

Method Description
GET_ATIGDATA() Getter for ATIGDATA

vendorSeverity

The severity assigned by the vendor.

Accessible with the following methods

Method Description
GET_VENDORSEVERITY() Getter for VENDORSEVERITY, with configurable default
ASK_VENDORSEVERITY() Getter for VENDORSEVERITY w/ exceptions if field has no valu
HAS_VENDORSEVERITY() Determine if VENDORSEVERITY has a value

cvss4

An object that contains the Common Vulnerability Scoring System (CVSS) Version 4 details for the vulnerability.

Accessible with the following methods

Method Description
GET_CVSS4() Getter for CVSS4

cvss3

An object that contains the Common Vulnerability Scoring System (CVSS) Version 3 details for the vulnerability.

Accessible with the following methods

Method Description
GET_CVSS3() Getter for CVSS3

relatedVulnerabilities

A list of related vulnerabilities.

Accessible with the following methods

Method Description
GET_RELATEDVULNERABILITIES() Getter for RELATEDVULNERABILITIES, with configurable default
ASK_RELATEDVULNERABILITIES() Getter for RELATEDVULNERABILITIES w/ exceptions if field has
HAS_RELATEDVULNERABILITIES() Determine if RELATEDVULNERABILITIES has a value

cvss2

An object that contains the Common Vulnerability Scoring System (CVSS) Version 2 details for the vulnerability.

Accessible with the following methods

Method Description
GET_CVSS2() Getter for CVSS2

vendorCreatedAt

The date and time when the vendor created this vulnerability.

Accessible with the following methods

Method Description
GET_VENDORCREATEDAT() Getter for VENDORCREATEDAT, with configurable default
ASK_VENDORCREATEDAT() Getter for VENDORCREATEDAT w/ exceptions if field has no val
HAS_VENDORCREATEDAT() Determine if VENDORCREATEDAT has a value

vendorUpdatedAt

The date and time when the vendor last updated this vulnerability.

Accessible with the following methods

Method Description
GET_VENDORUPDATEDAT() Getter for VENDORUPDATEDAT, with configurable default
ASK_VENDORUPDATEDAT() Getter for VENDORUPDATEDAT w/ exceptions if field has no val
HAS_VENDORUPDATEDAT() Determine if VENDORUPDATEDAT has a value

sourceUrl

A link to the official source material for this vulnerability.

Accessible with the following methods

Method Description
GET_SOURCEURL() Getter for SOURCEURL, with configurable default
ASK_SOURCEURL() Getter for SOURCEURL w/ exceptions if field has no value
HAS_SOURCEURL() Determine if SOURCEURL has a value

referenceUrls

Links to various resources with more information on this vulnerability.

Accessible with the following methods

Method Description
GET_REFERENCEURLS() Getter for REFERENCEURLS, with configurable default
ASK_REFERENCEURLS() Getter for REFERENCEURLS w/ exceptions if field has no value
HAS_REFERENCEURLS() Determine if REFERENCEURLS has a value

exploitObserved

An object that contains details on when the exploit was observed.

Accessible with the following methods

Method Description
GET_EXPLOITOBSERVED() Getter for EXPLOITOBSERVED

detectionPlatforms

Platforms that the vulnerability can be detected on.

Accessible with the following methods

Method Description
GET_DETECTIONPLATFORMS() Getter for DETECTIONPLATFORMS, with configurable default
ASK_DETECTIONPLATFORMS() Getter for DETECTIONPLATFORMS w/ exceptions if field has no
HAS_DETECTIONPLATFORMS() Determine if DETECTIONPLATFORMS has a value

epss

An object that contains the Exploit Prediction Scoring System (EPSS) score for a vulnerability.

Accessible with the following methods

Method Description
GET_EPSS() Getter for EPSS

Public Local Types In This Class

Internal table types, representing arrays and maps of this class, are defined as local types:

TT_VULNERABILITIES

TYPES TT_VULNERABILITIES TYPE STANDARD TABLE OF REF TO /AWS1/CL_IN2VULNERABILITY WITH DEFAULT KEY
.