How can I get vulnerability data from the threatintelligence vulnerability API?

Question

Hi,

I'm trying to query the vulnerabilities Graph API using this URI: https://graph.microsoft.com/beta/security/threatIntelligence/vulnerabilities/CVE-2023-41172

I'm calling the graph API using a token with the graph.microsoft.com audience and I'm using an app registration that has the Microsoft Graph ThreatIntelligence.Read.All application permission with Admin Consent.

When I call the API in my C# code (using the app registration) I get a 401 error.

When logging into the Graph Explorer with my work account, with user consent, I get this error:

"code": "notAllowed", "message": "Your account does not have access to this report or data. Please contact your organization administrator to ensure you have a valid license."

This data was previously available as subassessments in the securityresources data, when calling the Microsoft.ResourceGraph API. Now it seems this detailed CVE data is only available using the Graph API, as the securitycenter.microsoft.com/api/Vulnerabilities API doesn't return this information.

The only information I've been able to find is that I need to buy a really expensive Defender Threat Intelligence premium license. Which I'm not even sure works with an app registration.

My question is, am I missing something here and is there an economically and technical feasible way to still get the detailed CVE data (that I previously had access to), using an app registration, with the Graph vulnerabilities API? Or if the only way is to buy a premium license, will that make it possible to get the data using an app registration?

Thanks in advance!

Answer 1

Same problem here. Am I missing a license ?

"Your account does not have access to this report or data. Please contact your organization administrator to ensure you have a valid license."

Please advise