Get Vulnerability by ID

6 min

description retrieve detailed information for a specified vulnerability id from microsoft defender using the provided vulnerability id endpoint url /api/vulnerabilities/{{vulnerability id}} method get inputs path parameters (object) – required vulnerability id (string) – required vulnerability id output example \[ { "status code" 200, "response headers" { "date" "tue, 30 jul 2024 05 46 08 gmt", "content type" "application/json; odata metadata=minimal; odata streaming=true; charset=utf 8", "transfer encoding" "chunked", "connection" "keep alive", "content encoding" "deflate", "vary" "accept encoding", "odata version" "4 0", "strict transport security" "max age=31536000; includesubdomains" }, "reason" "ok", "json body" { "@odata context" "https //api securitycenter microsoft com/api/$metadata#vulnerabilities/$entity", "id" "cve 2024 7163", "name" "cve 2024 7163", "description" "summary seacms 12 9 is vulnerable to cross site scripting (xss) due to improper handling of the 'color/vid/url' argument in the '/js/player/dmplayer/player/index php' file this allows remote attackers to inject malicious scripts into web pages viewed by users the vulnerability has been publicly disclosed and may be actively exploited impact if successfully exploited, this vulnerability could allow an attacker to execute arbitrary scripts in the context of the victim's browser this could lead to various consequences, including theft of sensitive information, session hijacking, defacement of web pages, or the delivery of malware to users remediation upgrade seacms seacms to any version besides 12 9 additionalinformation the vulnerability has been assigned the identifier vdb 272577 generated by ai", "severity" "low", "cvssv3" 3 5, "cvssvector" "cvss 3 1/av\ n/ac\ l/pr\ l/ui\ r/s\ u/c\ n/i\ l/a\ n", "exposedmachines" 0, "publishedon" "2024 07 28t17 15 09 797z", "updatedon" "2024 07 29t14 12 08 783z", "firstdetected" null, "publicexploit" false, "exploitverified" false, "exploitinkit" false, "exploittypes" \[], "exploituris" \[], "cvesupportability" "notsupported", "tags" \[], "epss" 0 00045 } } ] output parameters status code (number) reason (string) json body (object) @odata context (string) id (string) name (string) description (string) severity (string) cvssv3 (number) cvssvector (string) exposedmachines (number) publishedon (string) updatedon (string) firstdetected (object) publicexploit (boolean) exploitverified (boolean) exploitinkit (boolean) exploittypes (array) file name (string) – required file (string) – required exploituris (array) file name (string) – required file (string) – required cvesupportability (string) tags (array) file name (string) – required file (string) – required epss (number) response headers header type date string content type string transfer encoding string connection string content encoding string vary string odata version string strict transport security string