Get Vulnerabilities of a Device
| API version | 3.2 |
|---|---|
| Last Update | 08/15/2023 |
| Authentication | YES |
| HTTP Method | POST |
| Content Type | application/json |
| Rate limited | YES |
| Requests per rate limit | 10 requests/min |
| Response Format | JSON |
| Change History | Added support for Known Exploited Vulnerabilities |
Use to fetch detected vulnerabilities that are associated to a device
API URL
Request Parameters
| Key | Datatype | Parameter Type | Required | Description | Default |
|---|---|---|---|---|---|
| access_token | string | URL | Yes | access token which archived from OAuth authentication step | |
| id | string | Body | Yes | The Device ID or MAC Address of a device you want to fetch vulnerabilities | |
| verbose | int | Body | Optional | 1 - detailed vulnerability information will return in response 0 - response only include CVE IDs, no detailed information | 0 |
| limit | int | Body | Optional | Specific maximum number of vulnerabilities will be returned in the response. The value should be in [1,100]. | 100 |
| page | int | Body | Optional | A page you want to get data | 1 |
| filter | object | Body | Optional | Specify filter criteria | |
| filter.score_type | string | Body | Optional | Specify what score type used to filter along with the field filter.score Value can be: "opswat_score", "cvss2_ score", "cvss3_score" | opswat_score |
| filter.severity | array | Body | Optional | Filter vulnerabilities based on score_type:
| all based on selected score_type |
| filter.kev | int | Body | Optional | 0: Return all CVEs 1: Only return CVEs in the KEV list | 0 |
Response HTTP Code
See details in the Response HTTP Code section in this page
Response Parameters
| Key | DataType | Description |
|---|---|---|
| cve_id | string | CVE ID |
| severity | string | vulnerability severity. Value can be: "critical", "important", "moderate", "low", "unknown", "high", "medium" |
| summary | string | Vulnerability summary |
| update_date | string | The last date NIST updated this vulnerability |
| publish_date | string | The date NIST published this vulnerability |
| opswat_score | string | OPSWAT score |
| cvss2_score | string | CVSS 2 score |
| cvss3_score | number | CVSS 3 score |
| remediation | string | Suggestion to remediate the CVE |
| cwe_id | string | A CWE(Common Weakness Enumeration) group identification string. |
| kev.due_date | string | The due date to fix this vulnerability |
| kev.published_date | string | The date CISA published this vulnerability |
Example
Example Request:
Example Response with verbose as OFF
Example Response with verbose as ON
History
Was this page helpful?