REST Resource: projects.scanConfigs.scanRuns.findings

Resource: Finding

A Finding resource represents a vulnerability instance identified during a ScanRun.

JSON representation
{
  "name": string,
  "findingType": string,
  "severity": enum (Severity),
  "httpMethod": string,
  "fuzzedUrl": string,
  "body": string,
  "description": string,
  "reproductionUrl": string,
  "frameUrl": string,
  "finalUrl": string,
  "trackingId": string,
  "form": {
    object (Form)
  },
  "outdatedLibrary": {
    object (OutdatedLibrary)
  },
  "violatingResource": {
    object (ViolatingResource)
  },
  "vulnerableHeaders": {
    object (VulnerableHeaders)
  },
  "vulnerableParameters": {
    object (VulnerableParameters)
  },
  "xss": {
    object (Xss)
  },
  "xxe": {
    object (Xxe)
  }
}
Fields
name

string

The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system and are scoped to one ScanRun; use trackingId to correlate the same vulnerability across runs.

findingType

string

The type of the Finding. Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner

severity

enum (Severity)

The severity level of the reported vulnerability.

httpMethod

string

The HTTP method of the request that triggered the vulnerability, in uppercase.

fuzzedUrl

string

The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.

body

string

The body of the request that triggered the vulnerability.

description

string

The description of the vulnerability.

reproductionUrl

string

The URL containing a human-readable payload that a user can use to reproduce the vulnerability.

frameUrl

string

If the vulnerability originated from a nested IFrame, the immediate parent IFrame is reported.

finalUrl

string

The URL where the browser lands when the vulnerability is detected.

trackingId

string

The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns. Unlike the finding ID in name, which embeds the scanRunId, it is stable from run to run.

form

object (Form)

An addon containing information reported for a vulnerability with an HTML form, if any.

outdatedLibrary

object (OutdatedLibrary)

An addon containing information about outdated libraries.

violatingResource

object (ViolatingResource)

An addon containing detailed information regarding any resource causing the vulnerability, such as JavaScript sources, images, or audio files.

vulnerableHeaders

object (VulnerableHeaders)

An addon containing information about vulnerable or missing HTTP headers.

vulnerableParameters

object (VulnerableParameters)

An addon containing information about request parameters which were found to be vulnerable.

xss

object (Xss)

An addon containing information reported for an XSS, if any.

xxe

object (Xxe)

An addon containing information reported for an XXE, if any.

Severity

The severity level of a vulnerability.

Enums
SEVERITY_UNSPECIFIED No severity specified. The default value.
CRITICAL Critical severity.
HIGH High severity.
MEDIUM Medium severity.
LOW Low severity.

Form

Information about a vulnerability involving an HTML form.

JSON representation
{
  "actionUri": string,
  "fields": [
    string
  ]
}
Fields
actionUri

string

The URI the form is submitted to.

fields[]

string

The names of the form fields related to the vulnerability.

OutdatedLibrary

Information reported for an outdated library.

JSON representation
{
  "libraryName": string,
  "version": string,
  "learnMoreUrls": [
    string
  ]
}
Fields
libraryName

string

The name of the outdated library.

version

string

The version number.

learnMoreUrls[]

string

URLs to learn more information about the vulnerabilities in the library.

ViolatingResource

Information regarding any resource causing the vulnerability, such as JavaScript sources, images, or audio files.

JSON representation
{
  "contentType": string,
  "resourceUrl": string
}
Fields
contentType

string

The MIME type of this resource.

resourceUrl

string

URL of this violating resource.

VulnerableHeaders

Information about vulnerable or missing HTTP headers.

JSON representation
{
  "headers": [
    {
      object (Header)
    }
  ],
  "missingHeaders": [
    {
      object (Header)
    }
  ]
}
Fields
headers[]

object (Header)

List of vulnerable headers.

missingHeaders[]

object (Header)

List of missing headers.

VulnerableParameters

Information about vulnerable request parameters.

JSON representation
{
  "parameterNames": [
    string
  ]
}
Fields
parameterNames[]

string

The vulnerable parameter names.

Xss

Information reported for an XSS.

JSON representation
{
  "stackTraces": [
    string
  ],
  "errorMessage": string
}
Fields
stackTraces[]

string

Stack traces leading to the point where the XSS occurred.

errorMessage

string

An error message generated by JavaScript breakage caused by the injected payload.

Xxe

Information reported for an XXE.

JSON representation
{
  "payloadValue": string,
  "payloadLocation": enum (Location)
}
Fields
payloadValue

string

The XML string that triggered the XXE vulnerability. Non-payload values might be redacted.

payloadLocation

enum (Location)

Location within the request where the payload was placed.

Location

Locations within a request where XML was substituted.

Enums
LOCATION_UNSPECIFIED Unknown Location.
COMPLETE_REQUEST_BODY The XML payload replaced the complete request body.

Methods

get

Gets a Finding.

list

List Findings under a given ScanRun.
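Added example (not Google's code or a published client): a Python triage script over lists of Finding objects as findings.list returns them for two ScanRuns of one ScanConfig. It diffs the runs on trackingId rather than on name, ranks by the Severity enum, pulls the actionable detail out of whichever addon object is present, and builds a curl replay of the triggering request only for hosts you declare in scope. The sample findings, hosts, trackingIds, payloads and findingType strings are constructed for this example; the Header object's fields are not defined on this page, so vulnerableHeaders is only counted.

```python
"""Triage helpers for Web Security Scanner Finding resources.

Added example, not Google's code. SAMPLE is constructed by hand in the shape
of this page's Finding resource: hosts, IDs, payloads and findingType strings
are illustrative (real findingType values are on the linked remediation page).
"""
import shlex
from urllib.parse import urlsplit

# Triage order for the Severity enum on this page; unspecified sorts last.
SEVERITY_RANK = {"CRITICAL": 0, "HIGH": 1, "MEDIUM": 2, "LOW": 3, "SEVERITY_UNSPECIFIED": 4}

# Constructed sample: Finding lists for two ScanRuns of one ScanConfig, as
# findings.list would return them. Field names are the page's; values are made up.
RUN_OLD = "projects/demo/scanConfigs/cfg1/scanRuns/run-1"
RUN_NEW = "projects/demo/scanConfigs/cfg1/scanRuns/run-2"
XSS_URL = "https://shop.example/search?q=%22%3E%3Csvg%20onload%3Dalert(1)%3E"
SAMPLE = {
    RUN_OLD: [
        {"name": RUN_OLD + "/findings/1", "findingType": "XSS", "severity": "HIGH",
         "httpMethod": "GET", "trackingId": "trk-xss-1", "fuzzedUrl": XSS_URL,
         "reproductionUrl": 'https://shop.example/search?q="><svg onload=alert(1)>',
         "vulnerableParameters": {"parameterNames": ["q"]},
         "xss": {"stackTraces": ["at search.js:12"], "errorMessage": ""}},
        {"name": RUN_OLD + "/findings/2", "findingType": "OUTDATED_LIBRARY",
         "severity": "MEDIUM", "httpMethod": "GET", "trackingId": "trk-lib-1",
         "fuzzedUrl": "https://shop.example/",
         "outdatedLibrary": {"libraryName": "jquery", "version": "1.8.3",
                             "learnMoreUrls": ["https://example.invalid/jquery"]}},
    ],
    RUN_NEW: [
        {"name": RUN_NEW + "/findings/1", "findingType": "XSS", "severity": "HIGH",
         "httpMethod": "GET", "trackingId": "trk-xss-1", "fuzzedUrl": XSS_URL,
         "vulnerableParameters": {"parameterNames": ["q"]},
         "xss": {"stackTraces": [], "errorMessage": ""}},
        {"name": RUN_NEW + "/findings/2", "findingType": "XXE_REFLECTED_FILE_LEAKAGE",
         "severity": "CRITICAL", "httpMethod": "POST", "trackingId": "trk-xxe-1",
         "fuzzedUrl": "https://shop.example/api/import",
         "body": '<?xml version="1.0"?><!DOCTYPE x [<!ENTITY e SYSTEM "file:///etc/hostname">]><x>&e;</x>',
         "xxe": {"payloadValue": '<!ENTITY e SYSTEM "file:///etc/hostname">',
                 "payloadLocation": "COMPLETE_REQUEST_BODY"}},
        {"name": RUN_NEW + "/findings/3", "findingType": "MIXED_CONTENT",
         "severity": "LOW", "httpMethod": "GET", "trackingId": "trk-mixed-1",
         "fuzzedUrl": "https://shop.example/", "finalUrl": "http://cdn.example/a.png",
         "violatingResource": {"contentType": "image/png", "resourceUrl": "http://cdn.example/a.png"}},
    ],
}

def diff_by_tracking_id(previous, current):
    """Split the current run into new and recurring findings and list fixed ones.

    Keyed on trackingId, which is stable across ScanRuns; the findingId inside
    `name` is not (the name embeds the scanRunId), so never diff on names."""
    prev_ids = {f["trackingId"] for f in previous if "trackingId" in f}
    cur_ids = {f["trackingId"] for f in current if "trackingId" in f}
    new = [f for f in current if f.get("trackingId") not in prev_ids]
    recurring = [f for f in current if f.get("trackingId") in prev_ids]
    return new, recurring, sorted(prev_ids - cur_ids)

def sort_for_triage(findings):
    """Most severe first, then by type and name so the output is deterministic."""
    return sorted(findings, key=lambda f: (SEVERITY_RANK.get(f.get("severity"), 4),
                                           f.get("findingType", ""), f.get("name", "")))

def addon_summary(finding):
    """One line of actionable detail from whichever addon objects are present."""
    parts = []
    if "vulnerableParameters" in finding:
        parts.append("params=" + ",".join(finding["vulnerableParameters"].get("parameterNames", [])))
    if "vulnerableHeaders" in finding:  # Header object not defined on this page: count only
        vh = finding["vulnerableHeaders"]
        parts.append(f"bad_headers={len(vh.get('headers', []))} missing={len(vh.get('missingHeaders', []))}")
    if "outdatedLibrary" in finding:
        lib = finding["outdatedLibrary"]
        parts.append(f"library={lib.get('libraryName')}@{lib.get('version')}")
    if "violatingResource" in finding:
        vr = finding["violatingResource"]
        parts.append(f"resource={vr.get('resourceUrl')} ({vr.get('contentType')})")
    if "form" in finding:
        fm = finding["form"]
        parts.append(f"form={fm.get('actionUri')} fields={','.join(fm.get('fields', []))}")
    if "xss" in finding:
        parts.append(f"xss_traces={len(finding['xss'].get('stackTraces', []))}")
    if "xxe" in finding:
        parts.append(f"xxe_location={finding['xxe'].get('payloadLocation')}")
    return "; ".join(parts)

def reproduction_command(finding, allowed_hosts):
    """curl argv that replays the triggering request, restricted to hosts you own.

    finalUrl/frameUrl can sit off-origin after a redirect or inside an embedded
    frame, so the replay target is checked against allowed_hosts before anything
    is built: scripted payload replays must never reach a third party."""
    url = finding.get("reproductionUrl") or finding["fuzzedUrl"]  # human-readable payload preferred
    host = urlsplit(url).hostname
    if host not in allowed_hosts:
        raise ValueError(f"{host} is outside the scan scope {sorted(allowed_hosts)}")
    argv = ["curl", "-sS", "-X", finding.get("httpMethod", "GET").upper(), url]
    if finding.get("body"):
        argv += ["--data-binary", finding["body"]]
        if finding.get("xxe", {}).get("payloadLocation") == "COMPLETE_REQUEST_BODY":
            argv += ["-H", "Content-Type: application/xml"]  # the whole body is the XML payload
    return argv

def triage_report(previous, current):
    """Text report: NEW and RECURRING findings by severity, then FIXED trackingIds."""
    new, recurring, fixed = diff_by_tracking_id(previous, current)
    lines = [f"{tag:9} {f.get('severity', 'SEVERITY_UNSPECIFIED'):8} {f['findingType']:27} {addon_summary(f)}"
             for tag, group in (("NEW", new), ("RECURRING", recurring)) for f in sort_for_triage(group)]
    return lines + [f"{'FIXED':9} {tid}" for tid in fixed]

if __name__ == "__main__":
    print("\n".join(triage_report(SAMPLE[RUN_OLD], SAMPLE[RUN_NEW])))
    print(shlex.join(reproduction_command(SAMPLE[RUN_NEW][1], {"shop.example"})))
```

The in-scope check is the part worth keeping when adapting this: fuzzedUrl is the scanner's own request, but reproductionUrl, finalUrl and frameUrl describe where the browser ended up, and a replay script that trusts them blindly will eventually fire a payload at a host you are not authorised to test.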