List vulnerability findings (paginated)

Cortex XSIAM Platform APIs
post /vulnerability-management/v1/vulnerability-finding/search/

Returns paginated vulnerability findings — one record per CVE/asset pair. Use next_page_token from the response to fetch subsequent pages.

Rate limit: 10 per 24 hours period

Filterable fields: ASSET_NAME, ASSET_GROUP_IDS, ASSET_CATEGORY, CVE_ID, CVSS_SEVERITY, PLATFORM_ID, FIX_AVAILABLE, PACKAGE_IN_USE, HAS_KEV, EXPLOIT_LEVEL, EPSS_SCORE, INTERNET_EXPOSED, FIRST_OBSERVED, LAST_OBSERVED.

Sortable fields: EPSS_SCORE, CVSS_SCORE, CORTEX_VULNERABILITY_RISK_SCORE.

Required license: Cortex Cloud Runtime Security or Cortex Cloud Posture Management

CLIENT REQUEST
curl -X 'POST'
-H 'Accept: application/json'
-H 'Content-Type: application/json'
'https://api-yourfqdn/vulnerability-management/v1/vulnerability-finding/search/'
-d '{ "filter" : "", "next_page_token" : "eyJsYXN0X2VsZW1lbnQiOiAxMjM0fQ==", "sort" : [ { "ORDER" : "DESC", "FIELD" : "CVSS_SCORE" }, { "ORDER" : "DESC", "FIELD" : "CVSS_SCORE" } ] }'
import http.client conn = http.client.HTTPSConnection("api-yourfqdn") payload = "{\"filter\":{\"AND\":[{\"SEARCH_FIELD\":\"string\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"string\"}],\"OR\":[{\"SEARCH_FIELD\":\"string\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"string\"}]},\"sort\":[{\"FIELD\":\"CVSS_SCORE\",\"ORDER\":\"DESC\"}],\"next_page_token\":\"eyJsYXN0X2VsZW1lbnQiOiAxMjM0fQ==\"}" headers = { 'content-type': "application/json" } conn.request("POST", "/vulnerability-management/v1/vulnerability-finding/search/", payload, headers) res = conn.getresponse() data = res.read() print(data.decode("utf-8"))
require 'uri' require 'net/http' require 'openssl' url = URI("https://api-yourfqdn/vulnerability-management/v1/vulnerability-finding/search/") http = Net::HTTP.new(url.host, url.port) http.use_ssl = true http.verify_mode = OpenSSL::SSL::VERIFY_NONE request = Net::HTTP::Post.new(url) request["content-type"] = 'application/json' request.body = "{\"filter\":{\"AND\":[{\"SEARCH_FIELD\":\"string\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"string\"}],\"OR\":[{\"SEARCH_FIELD\":\"string\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"string\"}]},\"sort\":[{\"FIELD\":\"CVSS_SCORE\",\"ORDER\":\"DESC\"}],\"next_page_token\":\"eyJsYXN0X2VsZW1lbnQiOiAxMjM0fQ==\"}" response = http.request(request) puts response.read_body
const data = JSON.stringify({ "filter": { "AND": [ { "SEARCH_FIELD": "string", "SEARCH_TYPE": "EQ", "SEARCH_VALUE": "string" } ], "OR": [ { "SEARCH_FIELD": "string", "SEARCH_TYPE": "EQ", "SEARCH_VALUE": "string" } ] }, "sort": [ { "FIELD": "CVSS_SCORE", "ORDER": "DESC" } ], "next_page_token": "eyJsYXN0X2VsZW1lbnQiOiAxMjM0fQ==" }); const xhr = new XMLHttpRequest(); xhr.withCredentials = true; xhr.addEventListener("readystatechange", function () { if (this.readyState === this.DONE) { console.log(this.responseText); } }); xhr.open("POST", "https://api-yourfqdn/vulnerability-management/v1/vulnerability-finding/search/"); xhr.setRequestHeader("content-type", "application/json"); xhr.send(data);
HttpResponse<String> response = Unirest.post("https://api-yourfqdn/vulnerability-management/v1/vulnerability-finding/search/") .header("content-type", "application/json") .body("{\"filter\":{\"AND\":[{\"SEARCH_FIELD\":\"string\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"string\"}],\"OR\":[{\"SEARCH_FIELD\":\"string\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"string\"}]},\"sort\":[{\"FIELD\":\"CVSS_SCORE\",\"ORDER\":\"DESC\"}],\"next_page_token\":\"eyJsYXN0X2VsZW1lbnQiOiAxMjM0fQ==\"}") .asString();
import Foundation let headers = ["content-type": "application/json"] let parameters = [ "filter": [ "AND": [ [ "SEARCH_FIELD": "string", "SEARCH_TYPE": "EQ", "SEARCH_VALUE": "string" ] ], "OR": [ [ "SEARCH_FIELD": "string", "SEARCH_TYPE": "EQ", "SEARCH_VALUE": "string" ] ] ], "sort": [ [ "FIELD": "CVSS_SCORE", "ORDER": "DESC" ] ], "next_page_token": "eyJsYXN0X2VsZW1lbnQiOiAxMjM0fQ==" ] as [String : Any] let postData = JSONSerialization.data(withJSONObject: parameters, options: []) let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/vulnerability-management/v1/vulnerability-finding/search/")! as URL, cachePolicy: .useProtocolCachePolicy, timeoutInterval: 10.0) request.httpMethod = "POST" request.allHTTPHeaderFields = headers request.httpBody = postData as Data let session = URLSession.shared let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in if (error != nil) { print(error) } else { let httpResponse = response as? HTTPURLResponse print(httpResponse) } }) dataTask.resume()
<?php $curl = curl_init(); curl_setopt_array($curl, [ CURLOPT_URL => "https://api-yourfqdn/vulnerability-management/v1/vulnerability-finding/search/", CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => "", CURLOPT_MAXREDIRS => 10, CURLOPT_TIMEOUT => 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_POSTFIELDS => "{\"filter\":{\"AND\":[{\"SEARCH_FIELD\":\"string\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"string\"}],\"OR\":[{\"SEARCH_FIELD\":\"string\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"string\"}]},\"sort\":[{\"FIELD\":\"CVSS_SCORE\",\"ORDER\":\"DESC\"}],\"next_page_token\":\"eyJsYXN0X2VsZW1lbnQiOiAxMjM0fQ==\"}", CURLOPT_HTTPHEADER => [ "content-type: application/json" ], ]); $response = curl_exec($curl); $err = curl_error($curl); curl_close($curl); if ($err) { echo "cURL Error #:" . $err; } else { echo $response; }
CURL *hnd = curl_easy_init(); curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST"); curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/vulnerability-management/v1/vulnerability-finding/search/"); struct curl_slist *headers = NULL; headers = curl_slist_append(headers, "content-type: application/json"); curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers); curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"filter\":{\"AND\":[{\"SEARCH_FIELD\":\"string\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"string\"}],\"OR\":[{\"SEARCH_FIELD\":\"string\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"string\"}]},\"sort\":[{\"FIELD\":\"CVSS_SCORE\",\"ORDER\":\"DESC\"}],\"next_page_token\":\"eyJsYXN0X2VsZW1lbnQiOiAxMjM0fQ==\"}"); CURLcode ret = curl_easy_perform(hnd);
var client = new RestClient("https://api-yourfqdn/vulnerability-management/v1/vulnerability-finding/search/"); var request = new RestRequest(Method.POST); request.AddHeader("content-type", "application/json"); request.AddParameter("application/json", "{\"filter\":{\"AND\":[{\"SEARCH_FIELD\":\"string\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"string\"}],\"OR\":[{\"SEARCH_FIELD\":\"string\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"string\"}]},\"sort\":[{\"FIELD\":\"CVSS_SCORE\",\"ORDER\":\"DESC\"}],\"next_page_token\":\"eyJsYXN0X2VsZW1lbnQiOiAxMjM0fQ==\"}", ParameterType.RequestBody); IRestResponse response = client.Execute(request);
Body parameters
required
application/json

Request body for paginated vulnerability findings search.

filterobject

Optional filter block. Filterable fields: ASSET_NAME, ASSET_GROUP_IDS, ASSET_CATEGORY, CVE_ID, CVSS_SEVERITY, PLATFORM_ID, FIX_AVAILABLE, PACKAGE_IN_USE, HAS_KEV, EXPLOIT_LEVEL, EPSS_SCORE, INTERNET_EXPOSED, FIRST_OBSERVED, LAST_OBSERVED.

ANDarray
[
SEARCH_FIELDstringrequired

Field name to filter on.

SEARCH_TYPEstring (Enum)required

Comparison operator.

Allowed values:"EQ""NEQ""GTE""LTE""CONTAINS""NOT_CONTAINS""IN""NOT_IN""RELATIVE_TIMESTAMP"
SEARCH_VALUEobjectrequired

Value to compare against. Type depends on the field.

string

Value to compare against. Type depends on the field.

number

Value to compare against. Type depends on the field.

boolean

Value to compare against. Type depends on the field.

Array
]
ORarray
[
SEARCH_FIELDstringrequired

Field name to filter on.

SEARCH_TYPEstring (Enum)required

Comparison operator.

Allowed values:"EQ""NEQ""GTE""LTE""CONTAINS""NOT_CONTAINS""IN""NOT_IN""RELATIVE_TIMESTAMP"
SEARCH_VALUEobjectrequired

Value to compare against. Type depends on the field.

string

Value to compare against. Type depends on the field.

number

Value to compare against. Type depends on the field.

boolean

Value to compare against. Type depends on the field.

Array
]
sortarray

Optional sort criteria. Sortable fields: EPSS_SCORE, CVSS_SCORE, CORTEX_VULNERABILITY_RISK_SCORE.

[
FIELDstringrequired

Field to sort by. Allowed values: EPSS_SCORE, CVSS_SCORE, CORTEX_VULNERABILITY_RISK_SCORE.

Example:"CVSS_SCORE"
ORDERstring (Enum)required
Example:"DESC"
Allowed values:"ASC""DESC"
]
next_page_tokenstring

Opaque token returned by a previous response to fetch the next page. Omit on the first request.

Example:"eyJsYXN0X2VsZW1lbnQiOiAxMjM0fQ=="
REQUEST
{ "request_data": { "filter": { "AND": [ { "SEARCH_FIELD": "LAST_OBSERVED", "SEARCH_TYPE": "RELATIVE_TIMESTAMP", "SEARCH_VALUE": 2592000000 } ] }, "sort": [ { "FIELD": "CVSS_SCORE", "ORDER": "DESC" } ] } }
{ "request_data": { "filter": { "AND": [ { "SEARCH_FIELD": "CVSS_SEVERITY", "SEARCH_TYPE": "EQ", "SEARCH_VALUE": "SEV_070_CRITICAL" } ] } } }
{ "request_data": { "filter": { "AND": [ { "SEARCH_FIELD": "EPSS_SCORE", "SEARCH_TYPE": "GTE", "SEARCH_VALUE": 0.7 }, { "SEARCH_FIELD": "HAS_KEV", "SEARCH_TYPE": "EQ", "SEARCH_VALUE": true } ] }, "sort": [ { "FIELD": "EPSS_SCORE", "ORDER": "DESC" } ] } }
{ "request_data": { "filter": { "AND": [ { "SEARCH_FIELD": "INTERNET_EXPOSED", "SEARCH_TYPE": "EQ", "SEARCH_VALUE": true } ] }, "next_page_token": "eyJsYXN0X2VsZW1lbnQiOiAxMjM0fQ==" } }
{ "request_data": { "filter": { "AND": [ { "SEARCH_FIELD": "ASSET_CATEGORY", "SEARCH_TYPE": "EQ", "SEARCH_VALUE": "VM Instance" }, { "SEARCH_FIELD": "FIX_AVAILABLE", "SEARCH_TYPE": "EQ", "SEARCH_VALUE": true }, { "SEARCH_FIELD": "CVSS_SEVERITY", "SEARCH_TYPE": "EQ", "SEARCH_VALUE": "SEV_060_HIGH" } ] }, "sort": [ { "FIELD": "CVSS_SCORE", "ORDER": "DESC" } ] } }
Responses

Successful response with vulnerability findings.

Body
application/json

Paginated response containing vulnerability findings.

replyobject
dataarray
[
platform_idstring

Unique platform identifier for this finding.

Example:"c273519c3b61adfb7dc46547fbcbfa32"
asset_idstring

Unique asset identifier (SHA-256 hash).

Example:"fef704015fd52a8495025f830b7483988d170f93b5807617761e4af827275a83"
asset_namestring

Name of the affected asset.

Example:"SNMP Server at 89.170.90.209:161"
asset_typestring

Type of the asset (e.g. SERVICE, HOST).

Example:"SERVICE"
asset_type_classstring

High-level classification of the asset type.

Example:"External Surface"
asset_categorystring

Category of the asset (e.g. Cloud, Service, Endpoint).

Example:"Service"
asset_group_idsarray[string]

Asset group identifiers the asset belongs to.

Example:["grp-001","grp-002"]
type_idstring

Internal numeric type identifier for the asset.

Example:"140000000"
cve_idstring

CVE identifier.

Example:"CVE-2025-20169"
cve_descriptionstring

Full description of the CVE vulnerability.

Example:"A vulnerability in the SNMP subsystem of Cisco IOS Software..."
cve_publish_dateintegerint64

Unix timestamp (milliseconds) when the CVE was published.

Example:1738713600000
published_dateintegerint64

Unix timestamp (milliseconds) when the finding was published.

Example:1738713600000
cvss_scorenumberfloat

CVSS base score (0–10).

Example:7.7
cvss_severitystring (Enum)

CVSS severity rating.

Example:"HIGH"
Allowed values:"CRITICAL""HIGH""MEDIUM""LOW""INFORMATIONAL""UNKNOWN"
epss_scorenumberfloat

EPSS probability score (0–1).

Example:0.00368
cortex_vulnerability_risk_scorenumberfloat

Cortex-computed composite risk score for this finding. Null if not yet calculated.

cve_risk_factorsarray[string]

List of risk factor labels associated with the CVE.

Example:["Attack vector: network","High severity","Attack complexity: low","DoS - High"]
has_kevboolean

Whether the CVE is in the CISA Known Exploited Vulnerabilities (KEV) catalog.

exploitableboolean

Whether the vulnerability is considered exploitable.

exploit_levelstring (Enum)

Exploit maturity level.

Example:"NONE"
Allowed values:"WEAPONIZED""POC""NO_KNOWN_EXPLOIT""NONE""UNKNOWN"
fix_availableboolean

Whether a fix is available for this finding.

fix_versionsarray[string]

List of versions that contain a fix for this CVE.

fix_dateintegerint64

Unix timestamp (milliseconds) when a fix became available. Null if no fix date is known.

affected_softwarestring

Name of the affected software component. Null if not applicable.

internet_exposedboolean

Whether the asset is exposed to the internet.

Example:true
ipv4_addressesarray[string]

IPv4 addresses associated with the asset.

Example:["89.170.90.209"]
ipv6_addressesarray[string]

IPv6 addresses associated with the asset.

operating_systemstring

Operating system of the asset. Null if not detected.

os_familystring

OS family of the asset (e.g. Windows, Linux). Null if not detected.

locationstring

Geographic or logical location of the asset. Null if not available.

providerstring

Infrastructure provider for the asset (e.g. ON_PREM, AWS, GCP, AZURE).

Example:"ON_PREM"
finding_sourcesarray[string]

List of sources that detected this finding.

Example:["CORTEX_ATTACK_SURFACE_MANAGEMENT"]
source_tagsarray[string]

Tags applied by the detection source.

Example:["asm.attribution.organization_names:[Acme Corp]"]
has_issueboolean

Whether an issue has been raised for this finding.

issue_idstring

Identifier of the associated issue, if any.

remediationstring

Remediation guidance for this finding. Null if not available.

package_in_useboolean

Whether the affected package is actively in use on the asset. Null if not applicable.

package_versionstring

Version of the affected package. Null if not applicable.

package_typestring

Type of the affected package (e.g. npm, pip, deb). Null if not applicable.

package_purlstring

Package URL (PURL) for the affected package. Null if not applicable.

package_licensesarray[string]

Licenses associated with the affected package.

package_authorstring

Author of the affected package. Null if not applicable.

package_symbolsarray[string]

Symbols exported by the affected package.

package_file_creation_timeintegerint64

Unix timestamp (milliseconds) when the package file was created. Null if not applicable.

origin_package_namestring

Name of the originating package. Null if not applicable.

file_pathstring

File path of the affected package on the asset. Null if not applicable.

application_versionstring

Version of the affected application. Null if not applicable.

imagestring

Container image identifier. Null if not a container finding.

image_namestring

Container image name. Null if not a container finding.

layer_idstring

Container image layer identifier. Null if not a container finding.

derived_from_base_imageboolean

Whether the finding originates from a base image layer. Null if not applicable.

is_derivedboolean

Whether this finding is derived from another finding.

is_rootboolean

Whether this is a root-level finding. Null if not applicable.

volume_asset_idstring

Asset ID of the associated volume. Null if not applicable.

volume_pathstring

Path within the volume. Null if not applicable.

partition_idstring

Partition identifier. Null if not applicable.

partition_id_typestring

Type of the partition identifier. Null if not applicable.

disk_namestring

Disk name associated with the finding. Null if not applicable.

first_observedintegerint64

Unix timestamp (milliseconds) when the finding was first observed.

Example:1764890719158
last_observedintegerint64

Unix timestamp (milliseconds) when the finding was last observed.

Example:1764715866000
]
filter_countinteger

Total number of findings matching the applied filter.

Example:342
total_countinteger

Total number of findings across all filters.

Example:10500
next_page_tokenstring

Present only when additional pages exist. Pass this value as next_page_token in the next request.

Example:"eyJsYXN0X2VsZW1lbnQiOiA1Njc4fQ=="
RESPONSE
{ "reply": { "data": [ { "cortex_vulnerability_risk_score": null, "asset_name": "SNMP Server at 89.170.90.209:161", "cve_id": "CVE-2025-20169", "cve_description": "A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. \r\nThis vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.", "epss_score": 0.00368, "cvss_score": 7.7, "cvss_severity": "HIGH", "fix_versions": [], "fix_date": null, "published_date": 1738713600000, "cve_risk_factors": [ "Attack vector: network", "High severity", "Attack complexity: low", "DoS - High" ], "affected_software": null, "has_kev": null, "exploitable": false, "exploit_level": "NONE", "asset_type": "SERVICE", "asset_category": "Service", "has_issue": false, "ipv4_addresses": [ "89.170.90.209" ], "ipv6_addresses": [], "operating_system": null, "os_family": null, "location": null, "internet_exposed": true, "provider": "ON_PREM", "finding_sources": [ "CORTEX_ATTACK_SURFACE_MANAGEMENT" ], "first_observed": 1764890719158, "last_observed": 1764715866000, "source_tags": [ "asm.attribution.organization_names:[Parameter FAKE_2332423424]" ], "layer_id": null, "image": null, "origin_package_name": null, "package_file_creation_time": null, "package_licenses": [], "package_version": null, "package_purl": null, "package_type": null, "cve_publish_date": 1738713600000, "platform_id": "c273519c3b61adfb7dc46547fbcbfa32", "asset_id": "fef704015fd52a8495025f830b7483988d170f93b5807617761e4af827275a83", "fix_available": false, "package_in_use": null, "file_path": null, "package_symbols": [], "package_author": null, "application_version": null, "asset_type_class": "External Surface", "type_id": "140000000", "derived_from_base_image": null, "is_derived": false, "image_name": null, "asset_group_ids": [], "volume_asset_id": null, "is_root": null, "volume_path": null, "partition_id": null, "partition_id_type": null, "disk_name": null, "remediation": null, "issue_id": null } ], "filter_count": 342, "total_count": 10500, "next_page_token": "eyJsYXN0X2VsZW1lbnQiOiA1Njc4fQ==" } }
{ "reply": { "data": [ { "cortex_vulnerability_risk_score": null, "asset_name": "SNMP Server at 89.170.90.209:161", "cve_id": "CVE-2025-20169", "cve_description": "A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. \r\nThis vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.", "epss_score": 0.00368, "cvss_score": 7.7, "cvss_severity": "HIGH", "fix_versions": [], "fix_date": null, "published_date": 1738713600000, "cve_risk_factors": [ "Attack vector: network", "High severity", "Attack complexity: low", "DoS - High" ], "affected_software": null, "has_kev": null, "exploitable": false, "exploit_level": "NONE", "asset_type": "SERVICE", "asset_category": "Service", "has_issue": false, "ipv4_addresses": [ "89.170.90.209" ], "ipv6_addresses": [], "operating_system": null, "os_family": null, "location": null, "internet_exposed": true, "provider": "ON_PREM", "finding_sources": [ "CORTEX_ATTACK_SURFACE_MANAGEMENT" ], "first_observed": 1764890719158, "last_observed": 1764715866000, "source_tags": [ "asm.attribution.organization_names:[Parameter FAKE_2332423424]" ], "layer_id": null, "image": null, "origin_package_name": null, "package_file_creation_time": null, "package_licenses": [], "package_version": null, "package_purl": null, "package_type": null, "cve_publish_date": 1738713600000, "platform_id": "c273519c3b61adfb7dc46547fbcbfa32", "asset_id": "fef704015fd52a8495025f830b7483988d170f93b5807617761e4af827275a83", "fix_available": false, "package_in_use": null, "file_path": null, "package_symbols": [], "package_author": null, "application_version": null, "asset_type_class": "External Surface", "type_id": "140000000", "derived_from_base_image": null, "is_derived": false, "image_name": null, "asset_group_ids": [], "volume_asset_id": null, "is_root": null, "volume_path": null, "partition_id": null, "partition_id_type": null, "disk_name": null, "remediation": null, "issue_id": null } ], "filter_count": 342, "total_count": 10500 } }

Invalid filter parameters or expired page token.

Body
application/json

Standard error response for vulnerability findings endpoints.

replyobject
err_codeinteger
Example:400
err_msgstring
Example:"Invalid filter parameters"
err_extrastring
Example:"Field 'unknown_field' is not allowed"
RESPONSE
{ "reply": { "err_code": 400, "err_msg": "Token Expired" } }
{ "reply": { "err_code": 400, "err_msg": "Invalid filter parameters" } }

Rate limit exceeded.

Body
application/json

Standard error response for vulnerability findings endpoints.

replyobject
err_codeinteger
Example:400
err_msgstring
Example:"Invalid filter parameters"
err_extrastring
Example:"Field 'unknown_field' is not allowed"
RESPONSE
{ "reply": { "err_code": 400, "err_msg": "Invalid filter parameters", "err_extra": "Field 'unknown_field' is not allowed" } }