Get Vulnerability Tests

Cortex Xpanse REST API

post /public_api/v1/assets/get_vulnerability_tests/

Get a complete or filtered list of vulnerability tests. Response include details about each test, including the number of services confirmed vulnerable.

To view vulnerability test results, use the Get All Services or Get Service Details endpoints.

CURL
curl -X POST \ -H "Accept: application/json" \ -H "Content-Type: application/json" -H "authorization: {{api_key}}" -H "x-xdr-auth-id: {{api_key_id}}" \ "https://api-}/public_api/v1/assets/get_vulnerability_tests/" \ -d '{ "request_data" : { "search_from" : 0, "filters" : [ { "field" : "name", "value" : "VulnerabilityTestFilter_value", "operator" : "in" }, { "field" : "name", "value" : "VulnerabilityTestFilter_value", "operator" : "in" } ], "sort" : { "field" : "severity_score", "keyword" : "desc" }, "search_to" : 0 } }'
Request headers
authorization
required
String
api-key
Example: {{api_key}}
x-xdr-auth-id
required
String
api-key-id
Example: {{api_key_id}}
Request
Body
required
request_data
required
Object
filters
optional
Array of objects
field
optional
String (Enum)
Allowed values:
name
test_names
vulnerability_ids
description
vendor_names
status
affected_software
severity_score
cwe_ids
epss_score
count_vulnerable_services
operator
optional
String (Enum)

Identifies the comparison operator to use for this filter. The following list shows which operator can be used for each filter field:

  • name: contains, eq, neq
  • status: eq
  • vulnerability_ids: contains, not_contains
  • description: contains
  • affected_software: contains, not_contains
  • cwe_ids: contains, not_contains
  • vendor_names: contains, not_contains
  • severity_score: eq, neq, gte, lte
  • epss_score: eq, neq, gte, lte
  • count_vulnerable_services: eq, neq, gte, lte
Allowed values:
in
contains
neq
eq
lte
gte
not_contains
value
optional

Value depends on the filter field used.

  • name: string e.g. apache
  • status: Enabled, Disabled
  • vulnerability_ids: strings in the form of CVE IDs, such as CVE-1, CVE-2
  • description: string e.g. apache
  • affected_software: strings
  • cwe_ids: strings in the form of CWE IDs such as CWE-20
  • vendor_names: strings such as Cisco, Siemens
  • severity_score: numbers, such as 2, 3.5
  • epss_score: numbers, such as 2, 3.5
  • count_vulnerable_services: integers, such as 1,2,5
search_from
optional
Integer
search_to
optional
Integer
sort
optional
Object
field
optional
String (Enum)
Allowed values:
severity_score
created
first_published
status
keyword
optional
String (Enum)
Allowed values:
ASC
asc
DESC
desc
Responses

OK

Body
reply
required
Object
total_count
required
Integer
result_count
required
Integer
vulnerability_tests
optional
Array of objects
id
optional
String
name
optional
String
vulnerability_ids
optional
Array of strings
description
optional
String
status
optional
String
vendor_names
optional
Array of strings
affected_software
optional
Array of objects
NAME
optional
String
VERSION_START_INCLUDING
optional
String
VERSION_START_EXCLUDING
optional
String
VERSION_END_INCLUDING
optional
String
VERSION_END_EXCLUDING
optional
String
VENDOR
optional
String
PRODUCT
optional
String
VERSION
optional
String
severity_score
optional
Number
cwe_ids
optional
Array of strings
epss_score
optional
Number
references
optional
Array of strings
remediation_guidance
optional
String
first_published
optional
Integer
created
optional
Integer
count_vulnerable_services
optional
Integer

Bad Request. Got an invalid JSON.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unauthorized access. User does not have the required license type to run this API.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unprocessable Entity

Body
code
optional
Integer
Error code
status
optional
String
Error name
message
optional
String
Error message
errors
optional
Object
Errors

Internal server error. A unified status for API communication type errors.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.