Share via

What is the correct API endpoint and HTTP method (POST/PUT) to request remediation for a CVE?

Maryem Chaibi 0 Reputation points
2025-05-21T07:44:41.6733333+00:00

Hello guys,

I’m trying to automate remediation actions (e.g., patching vulnerabilities, Update Google Android) via the Microsoft Defender for Endpoint API but cannot find the correct endpoint to submit remediation requests.

Here’s what I’ve tried:

  1. Attempted API Call:
    • Endpoint: https://api.securitycenter.microsoft.com/api/remediation
    • Body: {"issue_id":"CVE-2024-43097","action":"Update Google Android"}
    • Result: HTTP 405 (Method Not Allowed).
    Documentation Review: The Remediation Activity API documentation lists methods like GET /api/remediationTasks but doesn’t clarify how to initiate remediation.

Questions:

What is the correct API endpoint and HTTP method (POST/PUT) to request remediation for a CVE across affected devices?

Are there examples of JSON payloads for remediation requests?

Thank you in advance!Hello guys,

I’m trying to automate remediation actions (e.g., patching vulnerabilities, Update Google Android) via the Microsoft Defender for Endpoint API but cannot find the correct endpoint to submit remediation requests.

Here’s what I’ve tried:

Attempted API Call:

Endpoint: https://api.securitycenter.microsoft.com/api/remediation

  Body: `{"issue_id":"CVE-2024-43097","action":"Update Google Android"}`
  
     **Result**: HTTP 405 (Method Not Allowed).
     
     **Documentation Review**:
     
        The [Remediation Activity API documentation](https://learn.microsoft.com/en-us/defender-endpoint/api/get-remediation-methods-properties"learn.microsoft.com") lists methods like `GET /api/remediationTasks` but doesn’t clarify how to *initiate* remediation.

Questions:

What is the correct API endpoint and HTTP method (POST/PUT) to request remediation for a CVE across affected devices?

Are there examples of JSON payloads for remediation requests?

Thank you in advance!

Azure
Azure
A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.
1,416 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Catherine Kyalo 1,930 Reputation points Microsoft Employee
    2025-05-23T06:25:21.59+00:00

    Hi @Maryem Chaibi

    Based on my research and public documentation, there is no specific API to request remediation for CVE on devices. Here is documentation on the MDE https://github.com/MicrosoftDocs/defender-docs/tree/public/defender-endpoint/api

    I suggest posting this on the feedback portal here - https://feedbackportal.microsoft.com/feedback for visibility and prioritization.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.