Qualys CloudView Swagger temporary discontinuation notice
Last updated on: February 6, 2023
During the Swagger version upgrade in Qualys CloudView, we encountered operational issues with the latest version used in a third-party library. We have temporarily discontinued Qualys CloudView REST API access via Swagger for the time being.
All the CloudView REST APIs remain unchanged and accessible. We recommend you use alternative methods (such as Postman) to access CloudView REST APIs.
Changes in CloudView
We have also removed all references to Swagger URL from the CloudView UI. Currently, you find these references to Swagger in the Rest Reference links in CloudView.
For example, if you navigate to Monitor -> Cloud Posture -> click the icon (Rest API).
The API request, as seen above, will continue to be displayed. However, the Rest Reference link to Swagger will be removed. These changes are applicable across the CloudView application.
These changes will be introduced with the upcoming CloudView 1.26 release targeted for January 2023.
We also plan to upgrade Swagger in Q2 2023 with better user experience, new APIs, improved security, and performance enhancements.
Could you be more clear about specific vulnerabilities were discovered and how? I don’t see anything recent on vulnerabilities in Swagger – everything I see is ancient. Are these uniquely found by Qualys or are these old problems you are just discovering?