List device vulnerabilities
Relative path: /v1/device-vulnerabilities
List device vulnerabilities where the vulnerabilities fit the criteria from the request.
Each vulnerability is treated individually; that is, if the device has multiple vulnerabilities, it will be listed multiple times.
Endpoint URL for Europe, Germany, United States, Canada and Japan regions:
|
https://eu.vulnerability-management.eset.systems/v1/device-vulnerabilities |
|
https://de.vulnerability-management.eset.systems/v1/device-vulnerabilities |
|
https://us.vulnerability-management.eset.systems/v1/device-vulnerabilities |
|
https://ca.vulnerability-management.eset.systems/v1/device-vulnerabilities |
|
https://jpn.vulnerability-management.eset.systems/v1/device-vulnerabilities |
Query parameters
Name |
Type |
Description |
|---|---|---|
deviceUuid |
string |
Reference to the device whose vulnerabilities should be listed. If empty or null, vulnerabilities of any device accessible to the caller will be included in the response. type: VulnerableDevice |
deviceGroupUuid |
string |
Reference to the device group whose devices' vulnerabilities should be listed. Devices of the nested groups are listed recursively as well. If empty or null, vulnerabilities of any device accessible to the caller will be included in the response. type: device_management.v1.DeviceGroup |
vulnerabilityScope |
string |
The scope of the vulnerability to include in the response. If UNSPECIFIED or null, vulnerabilities of any scope from any device accessible to the user will be included in the response. •VULNERABILITY_SCOPE_UNSPECIFIED: fallback •VULNERABILITY_SCOPE_APPLICATION: Vulnerability of an application. •VULNERABILITY_SCOPE_OPERATING_SYSTEM: Vulnerability of an operating system. •VULNERABILITY_SCOPE_PACKAGE: Vulnerability of a package. |
pageSize |
integer |
Limit for pagination purposes. If unspecified or 0, the default value is 50. The maximum value is 1000; values above 1000 will be coerced to 1000.
|
pageToken |
string |
Page token of the current page. If not given or "", the first page is returned.
|
Responses
Display Schema+Headers instead of an Example or vice-versa
Code |
Description and Example |
Description, Schema and Headers |
|---|---|---|
200 |
Successful response.
{
"vulnerabilities": [
{
"availablePatchUuids": [
"string"
],
"deviceUuid": "string",
"deviceGroupUuid": "string",
"applicationVulnerability": {
"application": {
"developerDisplayName": "string",
"displayName": "string",
"version": {
"id": "string",
"major": 0,
"minor": 0,
"name": "string",
"patch": 0
},
"uuid": "string"
},
"cveNumber": "string",
"firstDetectTime": "string",
"lastDetectTime": "string",
"patchAvailable": true,
"riskScore": 0,
"severity": "SEVERITY_LEVEL_UNSPECIFIED",
"vulnerabilityId": 0
},
"osVulnerability": {
"osFamilyId": 0,
"cveNumber": "string",
"firstDetectTime": "string",
"lastDetectTime": "string",
"patchAvailable": true,
"riskScore": 0,
"severity": "SEVERITY_LEVEL_UNSPECIFIED",
"vulnerabilityId": 0
},
"packageVulnerability": {
"package": {
"displayName": "string",
"name": "string",
"packageManagerType": "PACKAGE_MANAGER_TYPE_UNSPECIFIED",
"reference": "string",
"versionName": "string"
},
"cveNumber": "string",
"firstDetectTime": "string",
"lastDetectTime": "string",
"patchAvailable": true,
"riskScore": 0,
"severity": "SEVERITY_LEVEL_UNSPECIFIED",
"vulnerabilityId": 0
}
}
],
"nextPageToken": "string"
}
|
Successful response.
{
"$ref": "v1ListDeviceVulnerabilitiesResponse",
"vulnerabilities": [
{
"$ref": "v1DeviceVulnerability",
"description": "Descriptor of the device vulnerability. There are multiple types of vulnerabilities, such as: - application vulnerability - operating system vulnerability - package vulnerability For multiple vulnerabilities on a device, use multiple instances of this message.",
"availablePatchUuids": [
{
"type": "string"
}
],
"deviceUuid": {
"type": "string",
"description": "Reference to the [device]. type: device_management.v1.Device"
},
"deviceGroupUuid": {
"type": "string",
"description": "Reference to the parent group of the device. type: device_management.v1.DeviceGroup"
},
"applicationVulnerability": {
"$ref": "v1ApplicationVulnerability",
"description": "Descriptor of the application vulnerability.",
"application": {
"$ref": "v1Application",
"description": "Descriptor of the application. This entity has the same uuid as the application from application management.",
"developerDisplayName": {
"type": "string",
"description": "A human-readable version of the application developer."
},
"displayName": {
"type": "string",
"description": "A human-friendly name of the application."
},
"version": {
"$ref": "v1Version",
"description": "Version descriptor. Both values are required to completely reconstruct version information.",
"id": {
"type": "string",
"description": "[Version id] determines whether one version is more recent than another. More recent versions have higher numbers. Can be processed by machine. If human readable version_name meets certain criteria, it can be converted to version_id automatically. The cases are: Windows => VersionId = MajorVersion << 48 | MinorVersion << 32 | ServicePackMajor << 24 | ServicePackMinor << 16 | CurrentBuildNumber Android => VersionId = API level YYYYMMDD => VersionId = (YYYY & 0xffff ) << 48 | (MM & 0xffff) << 32 | (DD & 0xffff) <<16 YYYY.MM => VersionId = (YYYY & 0xffff ) << 48 | (MM & 0xffff) << 32 YY.MM => VersionId = (YY & 0xffff ) << 48 | (MM & 0xffff) << 32 YYYY => VersionId = (YYYY & 0xffff ) << 48 Major.Minor.Patch => VersionId = (Major & 0xffff ) << 48 | (Minor & 0xffff) << 32 | (Patch & 0xffff) <<16 EULA | Terms of Use => VersionId = MajorVersion << 48 | MinorVersion << 32 | Patch << 16 A.B.C.D => VersionId = (A & 0xffff) << 48 | (B & 0xffff) << 32 | (C & 0xffff) << 16 | (D & 0xffff) A.B.C => VersionId = (A & 0xffff ) << 48 | (B & 0xffff) << 32 | (C & 0xffff) <<16 A.B => VersionId = (A & 0xffff ) << 48 | (B & 0xffff) << 32 A => VersionId = (A & 0xffff ) << 48",
"format": "uint64"
},
"major": {
"type": "integer",
"description": "Major version if and only if version name adheres to semantic versioning. 0 or null otherwise.",
"format": "int64",
"readOnly": true
},
"minor": {
"type": "integer",
"description": "Minor version if and only if version name adheres to semantic versioning. 0 or null otherwise.",
"format": "int64",
"readOnly": true
},
"name": {
"type": "string",
"description": "Human readable name of the version. E.g. '10.2.3.145'"
},
"patch": {
"type": "integer",
"description": "Patch if and only if version name adheres to semantic versioning. 0 or null otherwise.",
"format": "int64",
"readOnly": true
}
},
"uuid": {
"type": "string",
"description": "Unique identifier of the entity. Must be collision-free - two identifiers created anywhere in the world must not collide within the entity parent scope. Unless a member of aggregate, the entity scope is always global. Although most of the times compliant with RFC 4122: A Universally Unique IDentifier (UUID) URN Namespace, do not rely on it being a RFC UUID. Treat it as an opaque identifier. RFC UUID can be recognized by being formatted according to the template xxxxxxxx-xxxx-Mxxx-Nxxx-xxxxxxxxxxxx, as explained on Wikipedia. UUID is used for referencing an entity, even across domains. Example: '123e4567-e89b-12d3-a456-426614174000'"
}
},
"cveNumber": {
"type": "string",
"description": "A CVE identifier string. Info: CVE identifiers"
},
"firstDetectTime": {
"type": "string",
"description": "When the vulnerability was detected for the first time.",
"format": "date-time"
},
"lastDetectTime": {
"type": "string",
"description": "When the vulnerability was seen for the last time. Vulnerabilities are observed at discrete times. This is also the last time of observation.",
"format": "date-time"
},
"patchAvailable": {
"type": "boolean",
"description": "If true, a patch fixing this vulnerability is available."
},
"riskScore": {
"type": "integer",
"description": "How risky the vulnerability is. The score is a numerical expression ranging from 0 to 100, where: 0 = no threat 100 = threat",
"format": "int64"
},
"severity": {
"$ref": "v1SeverityLevel",
"type": "string",
"description": "Severity levels abstracted to cover all the possible GUIs. Vocabulary is leaving interpretation of severity level completely to API client. This approach is inevitable on SIEM level as there are many contributing sources. Keeping the local names for severity levels never fits all the GUIs. SEVERITY_LEVEL_UNSPECIFIED: fallback SEVERITY_LEVEL_DIAGNOSTIC: In some GUIs known Debug SEVERITY_LEVEL_INFORMATIONAL: In some GUIs known as Info or Information SEVERITY_LEVEL_LOW: In some GUIs known Warning SEVERITY_LEVEL_MEDIUM: In some GUIs known as Error or Threat SEVERITY_LEVEL_HIGH: In some GUIs known as Critical",
"default": "SEVERITY_LEVEL_UNSPECIFIED",
"enum": [
"SEVERITY_LEVEL_UNSPECIFIED",
"SEVERITY_LEVEL_DIAGNOSTIC",
"SEVERITY_LEVEL_INFORMATIONAL",
"SEVERITY_LEVEL_LOW",
"SEVERITY_LEVEL_MEDIUM",
"SEVERITY_LEVEL_HIGH"
]
},
"vulnerabilityId": {
"type": "integer",
"description": "Vulnerability catalog ID.",
"format": "int64"
}
},
"osVulnerability": {
"$ref": "v1OsVulnerability",
"description": "Descriptor of an operating system vulnerability. Note: Besides vulnerabilities of the Linux kernel, there are also some 'core packages', whose vulnerabilities are treated as operating system vulnerabilities. For example: glibc, systemd, etc. Such vulnerabilities are reported twice, once as an operating system vulnerability and once as a package vulnerability.",
"osFamilyId": {
"type": "integer",
"description": "Operating system family. The family comprises the whole series of related operating systems. Some families feature multiple editions, for example, MacOS versus MacOS Server. Value Description 1 Windows 2 Linux 3 Mac OS 7 Unix type: os_catalog.v2.OsFamily",
"format": "int64"
},
"cveNumber": {
"type": "string",
"description": "A CVE identifier string. Info: CVE identifiers"
},
"firstDetectTime": {
"type": "string",
"description": "When the vulnerability was detected for the first time.",
"format": "date-time"
},
"lastDetectTime": {
"type": "string",
"description": "When the vulnerability was seen for the last time. Vulnerabilities are observed at discrete times. This is also the last time of observation.",
"format": "date-time"
},
"patchAvailable": {
"type": "boolean",
"description": "If true, a patch fixing this vulnerability is available."
},
"riskScore": {
"type": "integer",
"description": "How risky the vulnerability is. The score is a numerical expression ranging from 0 to 100, where: 0 = no threat 100 = threat",
"format": "int64"
},
"severity": {
"$ref": "v1SeverityLevel",
"type": "string",
"description": "Severity levels abstracted to cover all the possible GUIs. Vocabulary is leaving interpretation of severity level completely to API client. This approach is inevitable on SIEM level as there are many contributing sources. Keeping the local names for severity levels never fits all the GUIs. SEVERITY_LEVEL_UNSPECIFIED: fallback SEVERITY_LEVEL_DIAGNOSTIC: In some GUIs known Debug SEVERITY_LEVEL_INFORMATIONAL: In some GUIs known as Info or Information SEVERITY_LEVEL_LOW: In some GUIs known Warning SEVERITY_LEVEL_MEDIUM: In some GUIs known as Error or Threat SEVERITY_LEVEL_HIGH: In some GUIs known as Critical",
"default": "SEVERITY_LEVEL_UNSPECIFIED",
"enum": [
"SEVERITY_LEVEL_UNSPECIFIED",
"SEVERITY_LEVEL_DIAGNOSTIC",
"SEVERITY_LEVEL_INFORMATIONAL",
"SEVERITY_LEVEL_LOW",
"SEVERITY_LEVEL_MEDIUM",
"SEVERITY_LEVEL_HIGH"
]
},
"vulnerabilityId": {
"type": "integer",
"description": "Vulnerability catalog ID.",
"format": "int64"
}
},
"packageVulnerability": {
"$ref": "v1PackageVulnerability",
"description": "Descriptor of the package vulnerability.",
"package": {
"$ref": "v1Package",
"description": "Package descriptor. Packages are referenced by their name and provider.",
"displayName": {
"type": "string",
"description": "A human-friendly name of the package. For example: 'Firefox'"
},
"name": {
"type": "string",
"description": "Package name as indexed within the package manager. The package name identifies a package only in the context of one package manager. The name is not globally unique. For example: 'com.example.app123'"
},
"packageManagerType": {
"$ref": "v1PackageManagerType",
"type": "string",
"description": "Possible types of package managers. Package managers are used to install and manage packages on the system. PACKAGE_MANAGER_TYPE_UNSPECIFIED: fallback PACKAGE_MANAGER_TYPE_APT: Advanced Packaging Type For details, refer to APT - PACKAGE_MANAGER_TYPE_SNAP: Package Manager for Snap For details, refer to Snap - PACKAGE_MANAGER_TYPE_DNF: Dandified YUM For details, refer to DNF",
"default": "PACKAGE_MANAGER_TYPE_UNSPECIFIED",
"enum": [
"PACKAGE_MANAGER_TYPE_UNSPECIFIED",
"PACKAGE_MANAGER_TYPE_APT",
"PACKAGE_MANAGER_TYPE_SNAP",
"PACKAGE_MANAGER_TYPE_DNF"
]
},
"reference": {
"type": "string",
"description": "Reference to the package. Reference is an opaque string that identifies the package."
},
"versionName": {
"type": "string",
"description": "A human-readable name of the package version. For example: - 2.12 - 1.1.2j - 1:4.8.1-2ubuntu2.2 - 2:1.02.175-2.1ubuntu4 - 2:1.02.175-2.1ubuntu5 - 21H2 1233.223"
}
},
"cveNumber": {
"type": "string",
"description": "A CVE identifier string. Info: CVE identifiers"
},
"firstDetectTime": {
"type": "string",
"description": "When the vulnerability was detected for the first time.",
"format": "date-time"
},
"lastDetectTime": {
"type": "string",
"description": "When the vulnerability was seen for the last time. Vulnerabilities are observed at discrete times. This is also the last time of observation.",
"format": "date-time"
},
"patchAvailable": {
"type": "boolean",
"description": "If true, a patch fixing this vulnerability is available."
},
"riskScore": {
"type": "integer",
"description": "How risky the vulnerability is. The score is a numerical expression ranging from 0 to 100, where: 0 = no threat 100 = threat",
"format": "int64"
},
"severity": {
"$ref": "v1SeverityLevel",
"type": "string",
"description": "Severity levels abstracted to cover all the possible GUIs. Vocabulary is leaving interpretation of severity level completely to API client. This approach is inevitable on SIEM level as there are many contributing sources. Keeping the local names for severity levels never fits all the GUIs. SEVERITY_LEVEL_UNSPECIFIED: fallback SEVERITY_LEVEL_DIAGNOSTIC: In some GUIs known Debug SEVERITY_LEVEL_INFORMATIONAL: In some GUIs known as Info or Information SEVERITY_LEVEL_LOW: In some GUIs known Warning SEVERITY_LEVEL_MEDIUM: In some GUIs known as Error or Threat SEVERITY_LEVEL_HIGH: In some GUIs known as Critical",
"default": "SEVERITY_LEVEL_UNSPECIFIED",
"enum": [
"SEVERITY_LEVEL_UNSPECIFIED",
"SEVERITY_LEVEL_DIAGNOSTIC",
"SEVERITY_LEVEL_INFORMATIONAL",
"SEVERITY_LEVEL_LOW",
"SEVERITY_LEVEL_MEDIUM",
"SEVERITY_LEVEL_HIGH"
]
},
"vulnerabilityId": {
"type": "integer",
"description": "Vulnerability catalog ID.",
"format": "int64"
}
}
}
],
"nextPageToken": {
"type": "string",
"description": "Page token of the next page. Empty or '' for the last page. Info: For more information, refer to Paginating Requests in APIs or Design Patterns: Pagination"
}
}
{
"request-id": {
"description": "Unique ID of the request. Include in support requests.",
"style": "simple",
"explode": false,
"schema": {
"type": "string",
"format": "uuid"
}
}
}
|
202 |
Response took too long; request cached. Response can be retrieved later using the response-id header. |
Response took too long; request cached. Response can be retrieved later using the response-id header.
[]
{
"response-id": {
"description": "Unique ID of a pending request. Used to retrieve cached result.",
"style": "simple",
"explode": false,
"schema": {
"type": "string",
"format": "uuid"
}
},
"request-id": {
"description": "Unique ID of the request. Include in support requests.",
"style": "simple",
"explode": false,
"schema": {
"type": "string",
"format": "uuid"
}
}
}
|
400 |
One of the errors: 1. Bad or missing authorization. 2. Validation error. Invalid argument provided. |
One of the errors: 1. Bad or missing authorization. 2. Validation error. Invalid argument provided.
[]
{
"request-id": {
"description": "Unique ID of the request. Include in support requests.",
"style": "simple",
"explode": false,
"schema": {
"type": "string",
"format": "uuid"
}
}
}
|
401 |
Token has expired or is invalid. |
Token has expired or is invalid.
[]
{
"request-id": {
"description": "Unique ID of the request. Include in support requests.",
"style": "simple",
"explode": false,
"schema": {
"type": "string",
"format": "uuid"
}
}
}
|
403 |
Access denied. Check permissions. |
Access denied. Check permissions.
[]
{
"request-id": {
"description": "Unique ID of the request. Include in support requests.",
"style": "simple",
"explode": false,
"schema": {
"type": "string",
"format": "uuid"
}
}
}
|
404 |
Requested resource not found. |
Requested resource not found.
[]
{
"request-id": {
"description": "Unique ID of the request. Include in support requests.",
"style": "simple",
"explode": false,
"schema": {
"type": "string",
"format": "uuid"
}
}
}
|
429 |
Rate limit reached. Try again later. |
Rate limit reached. Try again later.
[]
{
"request-id": {
"description": "Unique ID of the request. Include in support requests.",
"style": "simple",
"explode": false,
"schema": {
"type": "string",
"format": "uuid"
}
}
}
|
500 |
Internal server failure. Try again later. |
Internal server failure. Try again later.
[]
{
"request-id": {
"description": "Unique ID of the request. Include in support requests.",
"style": "simple",
"explode": false,
"schema": {
"type": "string",
"format": "uuid"
}
}
}
|
502 |
Internal server failure. Try again later. |
Internal server failure. Try again later.
[]
{
"request-id": {
"description": "Unique ID of the request. Include in support requests.",
"style": "simple",
"explode": false,
"schema": {
"type": "string",
"format": "uuid"
}
}
}
|
503 |
Environment under maintenance. Try again later. |
Environment under maintenance. Try again later.
[]
{
"request-id": {
"description": "Unique ID of the request. Include in support requests.",
"style": "simple",
"explode": false,
"schema": {
"type": "string",
"format": "uuid"
}
}
}
|
504 |
Action took too long; timeout reached |
Action took too long; timeout reached
[]
{
"request-id": {
"description": "Unique ID of the request. Include in support requests.",
"style": "simple",
"explode": false,
"schema": {
"type": "string",
"format": "uuid"
}
}
}
|