Get Vulnerability by ID

category

enum<string> | null

required

Vulnerability category

Available options:

web,

network,

database,

application,

os,

other,

general,

attack_vector

cert_id

string | null

required

Corresponds to an identifier in the vulnerability database provided by the US Computer Emergency Readiness Team (US-CERT)

cve

string[] | null

required

List of CVEs associated with the vulnerability

cvss_temporal_score

number | null

required

CVSS temporal score

cvss_temporal_vector

string | null

required

CVSS temporal vector

cvss_vector

string | null

required

CVSS vector uses cvss3 when available, provided by the upstream vendor

cvss_version

string | null

required

CVSS version

description

string

required

Description of vulnerability, provided by the upstream vendor

device

object

required

Device attached to the vulnerability, include device groups with includeDeviceGroups query parameter

device.ad_info

object | null

required

device.first_seen

string | null

required

device.id

string

required

device.installed_software

string[] | null

required

device.last_seen

string | null

required

device.source_vendors

object[]

required

device.status

enum<string>

required

Available options:

active,

offline,

quarantined

device.cloud_metadata

object | null

CloudMetadata, currently only AWS is supported

device.fqdns

string[] | null

device.hostnames

string[] | null

device.identities

object[] | null

device.ipv4s

string[] | null

device.ipv6s

string[] | null

device.mac_addresses

string[] | null

device.os_major_version

string | null

device.os_minor_version

string | null

device.os_version

string | null

device.platform

enum<string> | null

Available options:

mac,

windows,

linux,

unknown

device.tags

object[] | null

device.vendor_data

object | null

Vendor specific pass through data, values can vary based on vendor

first_seen

string | null

required

First detection date

id

string

required

Leen's UUID for the vulnerability

last_seen

string | null

required

Last detection date

name

string

required

Name of vulnerability, provided by the upstream vendor

patchable

boolean | null

required

A patch is available

port

integer | null

required

Port number of the vulnerability that was detected

protocol

string | null

required

Protocol of the vulnerability that was detected, example: tcp

scan_output

string | null

required

Scan output that was provided when detected on the device

service

string | null

required

Service of the vulnerability that was detected, example: http

solution

string | null

required

Solution for the vulnerability, provided by upstream vendor

state_updated_at

string | null

required

The last time the state was updated

vendor

enum<string>

required

Source vendor

Available options:

tenable,

qualys,

snyk,

insightvm,

crowdstrike_spotlight,

sentinelone_vms,

MS_DEFENDER_VMS

vendor_id

string | null

required

Vendor's ID of the vulnerability

vendor_scan_id

string | null

required

Vendor's ID of the scan that detected the

vendor_severity

string | null

required

Passthrough value of severity

cvss_base_score

number | null

default:

CVSS base score

severity

enum<string>

default:

none

Available options:

critical,

high,

medium,

low,

info,

none

state

enum<string>

default:

open

Available options:

open,

closed,

reopened,

ignored

vendor_data

object | null

Vendor specific pass through data, values can vary based on vendor

vulnerability_url

string | null

URL to the vulnerability details, provided by the upstream vendor

Authorizations

Path Parameters

Response