Get Vulnerability Tests

Cortex Xpanse REST API
post /public_api/v1/assets/get_vulnerability_tests/

Get a complete or filtered list of vulnerability tests. Response include details about each test, including the number of services confirmed vulnerable.

To view vulnerability test results, use the Get All Services or Get Service Details endpoints.

Request headers
authorization
String
required
api-key
Example: {{api_key}}
x-xdr-auth-id
String
required
api-key-id
Example: {{api_key_id}}
Body parameters
required
request_dataObject
filtersArray
[
fieldString (Enum)
Allowed values:"name""test_names""vulnerability_ids""description""vendor_names""status""affected_software""severity_score""cwe_ids""epss_score""count_vulnerable_services"
operatorString (Enum)

Identifies the comparison operator to use for this filter. The following list shows which operator can be used for each filter field: - name: contains, eq, neq - status: eq - vulnerability_ids: contains, not_contains - description: contains - affected_software: contains, not_contains - cwe_ids: contains, not_contains - vendor_names: contains, not_contains - severity_score: eq, neq, gte, lte - epss_score: eq, neq, gte, lte - count_vulnerable_services: eq, neq, gte, lte

Allowed values:"in""contains""neq""eq""lte""gte""not_contains"
valueObject

Value depends on the filter field used. - name: string e.g. apache - status: Enabled, Disabled - vulnerability_ids: strings in the form of CVE IDs, such as CVE-1, CVE-2 - description: string e.g. apache - affected_software: strings - cwe_ids: strings in the form of CWE IDs such as CWE-20 - vendor_names: strings such as Cisco, Siemens - severity_score: numbers, such as 2, 3.5 - epss_score: numbers, such as 2, 3.5 - count_vulnerable_services: integers, such as 1,2,5

Free-Form object
]
search_fromInteger
search_toInteger
sortObject
fieldString (Enum)
Allowed values:"severity_score""created""first_published""status"
keywordString (Enum)
Allowed values:"ASC""asc""DESC""desc"
Free-Form object
Free-Form object
Free-Form object
REQUEST BODY
{ "request_data": { "search_from": 0, "filters": [ { "field": "name", "value": "VulnerabilityTestFilter_value", "operator": "in" }, { "field": "name", "value": "VulnerabilityTestFilter_value", "operator": "in" } ], "sort": { "field": "severity_score", "keyword": "desc" }, "search_to": 0 } }
CURL
curl -X 'POST'
-H 'Accept: application/json'
-H 'Content-Type: application/json'
-H 'authorization: {{api_key}}' -H 'x-xdr-auth-id: {{api_key_id}}'
'https://api-}/public_api/v1/assets/get_vulnerability_tests/'
-d '{ "request_data" : { "search_from" : 0, "filters" : [ { "field" : "name", "value" : "VulnerabilityTestFilter_value", "operator" : "in" }, { "field" : "name", "value" : "VulnerabilityTestFilter_value", "operator" : "in" } ], "sort" : { "field" : "severity_score", "keyword" : "desc" }, "search_to" : 0 } }'
Responses

OK

Body
replyObjectrequired
total_countInteger
result_countInteger
vulnerability_testsArray
[
idString
nameString
vulnerability_idsArray[string]
descriptionString
statusString
vendor_namesArray[string]
affected_softwareArray
[
NAMEString
VERSION_START_INCLUDINGString
VERSION_START_EXCLUDINGString
VERSION_END_INCLUDINGString
VERSION_END_EXCLUDINGString
VENDORString
PRODUCTString
VERSIONString
Free-Form object
]
severity_scoreNumber
cwe_idsArray[string]
epss_scoreNumber
referencesArray[string]
remediation_guidanceString
first_publishedInteger
createdInteger
count_vulnerable_servicesInteger
Free-Form object
]
Free-Form object
Free-Form object
RESPONSE
{ "reply": { "total_count": 0, "result_count": 0, "vulnerability_tests": [ { "id": "id_example", "name": "name_example", "vulnerability_ids": [ "vulnerability_ids_example" ], "description": "description_example", "status": "status_example", "vendor_names": [ "vendor_names_example" ], "affected_software": [ { "NAME": "NAME_example", "VERSION_START_INCLUDING": "VERSION_START_INCLUDING_example", "VERSION_START_EXCLUDING": "VERSION_START_EXCLUDING_example", "VERSION_END_INCLUDING": "VERSION_END_INCLUDING_example", "VERSION_END_EXCLUDING": "VERSION_END_EXCLUDING_example", "VENDOR": "VENDOR_example", "PRODUCT": "PRODUCT_example", "VERSION": "VERSION_example" } ], "severity_score": 0.0, "cwe_ids": [ "cwe_ids_example" ], "epss_score": 0.0, "references": [ "references_example" ], "remediation_guidance": "remediation_guidance_example", "first_published": 0, "created": 0, "count_vulnerable_services": 0 } ] } }

Bad Request. Got an invalid JSON.

Body
replyObject

The query results upon error.

Free-Form object
RESPONSE
{ "reply": {} }

Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.

Body
replyObject

The query results upon error.

Free-Form object
RESPONSE
{ "reply": {} }

Unauthorized access. User does not have the required license type to run this API.

Body
replyObject

The query results upon error.

Free-Form object
RESPONSE
{ "reply": {} }

Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.

Body
replyObject

The query results upon error.

Free-Form object
RESPONSE
{ "reply": {} }

Unprocessable Entity

Body
codeInteger

Error code

statusString

Error name

messageString

Error message

errorsObject

Errors

RESPONSE
{ "code": 0, "status": "status_example", "message": "message_example", "errors": {} }

Internal server error. A unified status for API communication type errors.

Body
replyObject

The query results upon error.

Free-Form object
RESPONSE
{ "reply": {} }