XML::VulnerabilityDetail/Complete API missing an instances value for vulnerabilities

[ziggyjosh16]

Expected Behavior

I think that the API would be improved if it could return a value for instances based on a vuln_id.
Based on the value shown in the vulnerabilities tab in the UI.

Current Behavior

The current configuration only return instances of vulnerabilities from scan results of individual assets/groups/or sites. These do not focus on the vulnerabilities themselves. It is achievable, but requires much more drill down logic and time-consuming Nexpose::Connection method calls which usually end up in a Timeout Error.

Possible Solution

I'm sure there is an XML value that holds this information that can to be referenced

Just an example of what I'm trying to achieve:

vulns = nsc.all_vulns.select! { |v| v.title.downcase.include?(filter) }
		#total unique vulnerabilities matching the specified filter
		totalvulns = vulns.size
		totalinstances = 0
		#go through each vuln to get instances, sorted by date published
		vulns.each do |a|
			a = nsc.vuln_details(a.id)
			totalinstances += **a.instances** <------ (something like this would be nice)
		end

Am trying to accomplish a date based representation of vulnerability instances without using scan data.

[ziggyjosh16]

this doesn't have to be within Nexpose::XML. Ideally the instance value should be accessible by referring to an object/XML block using a vuln_id.

I'm not an expert at the API, if there is something out there that I missed or another way to achieve this that would be fine too.

[gschneider-r7]

This can be done with the new API V3 endpoint /api/3/vulnerabilities/{id}/assets where {id} is a vulnerability id string like cifs-smb-signing-disabled. Documentation for the new API is available in the security console's help menu.