GET
/
vms
/
vulnerabilities
/
{vuln_id}

Authorizations

X-CONNECTION-ID
string
headerrequired
X-API-KEY
string
headerrequired

Path Parameters

vuln_id
string
required

Response

200 - application/json
id
string
required

Leen's UUID for the vulnerability

device
object
required

Device attached to the vulnerability, include device groups with includeDeviceGroups query parameter

name
string
required

Name of vulnerability, provided by the upstream vendor

description
string
required

Description of vulnerability, provided by the upstream vendor

scan_output
string | null
required

Scan output that was provided when detected on the device

cve
string[] | null
required

List of CVEs associated with the vulnerability

cvss_version
string | null
required

CVSS version

cvss_base_score
number | null
cvss_vector
string | null
required

CVSS vector uses cvss3 when available, provided by the upstream vendor

cvss_temporal_score
number | null
required

CVSS temporal score

cvss_temporal_vector
string | null
required

CVSS temporal vector

cert_id
string | null
required

Corresponds to an identifier in the vulnerability database provided by the US Computer Emergency Readiness Team (US-CERT)

port
integer | null
required

Port number of the vulnerability that was detected

protocol
string | null
required

Protocol of the vulnerability that was detected, example: tcp

service
string | null
required

Service of the vulnerability that was detected, example: http

severity
enum<string>
Available options:
critical,
high,
medium,
low,
info,
none
first_seen
string | null
required

First detection date

last_seen
string | null
required

Last detection date

state
enum<string>
Available options:
open,
closed,
reopened,
ignored
state_updated_at
string | null
required

The last time the state was updated

patchable
boolean | null
required

A patch is available

solution
string | null
required

Solution for the vulnerability, provided by upstream vendor

category
enum<string> | null
required

Vulnerability category

Available options:
web,
network,
database,
application,
os,
other,
general,
attack_vector
vendor
enum<string>
required

Source vendor

Available options:
tenable,
qualys,
snyk,
insightvm,
crowdstrike_spotlight,
sentinelone_vms,
MS_DEFENDER_VMS
vendor_id
string | null
required

Vendor's ID of the vulnerability

vendor_severity
string | null
required

Passthrough value of severity

vendor_scan_id
string | null
required

Vendor's ID of the scan that detected the

vendor_data
object | null

Vendor specific pass through data, values can vary based on vendor