vulnerability resource type

Namespace: microsoft.graph.security

Note

The Microsoft Graph API for Microsoft Defender Threat Intelligence requires an active Defender Threat Intelligence Portal license and API add-on license for the tenant.

Provides key context behind vulnerabilities of interest. Each article contains a description of the vulnerability, a list of affected components, tailored mitigation procedures and strategies, related intelligence articles, references in deep and dark web chatter, and other key observations. These articles provide deeper context and actionable insights behind each vulnerability, enabling users to more quickly understand these vulnerabilities and quickly mitigate them.

Methods

Method Return type Description
Get vulnerability microsoft.graph.security.vulnerability Read the properties and relationships of a microsoft.graph.security.vulnerability object.
List microsoft.graph.security.vulnerabilityComponent collection Get a list of vulnerabilityComponent resources.

Properties

Property Type Description
activeExploitsObserved Boolean Indicates whether this vulnerability has any known exploits associated to known bad actors.
createdDateTime DateTimeOffset The date and time when this vulnerability article was first created.
cvss2Summary microsoft.graph.security.cvssSummary A summary of the common vulnerability scoring system (v2) findings about this vulnerability.
cvss3Summary microsoft.graph.security.cvssSummary A summary of the common vulnerability scoring system (v3) findings about this vulnerability.
commonWeaknessEnumerationIds String collection Community-defined common weakness enumerations (CWE).
description microsoft.graph.security.formattedContent The vulnerability article contents, describing the vulnerability.
exploits microsoft.graph.security.hyperlink collection Known exploits for this vulnerability.
exploitsAvailable Boolean Indicates whether this vulnerability has exploits in public sources (such as Packetstorm or Exploit-DB) online.
hasChatter Boolean Indicates whether chatter about this vulnerability has been discovered online.
id String A system-generated ID for the vulnerability.
lastModifiedDateTime DateTimeOffset The date and time when this vulnerability article was most recently updated.
priorityScore Int32 A unique algorithm that reflects the priority of a vulnerability based on the CVSS score, exploits, chatter, and linkage to malware. This property also evaluates the recency of these components so users can understand which vulnerability should be remediated first.
publishedDateTime DateTimeOffset The date and time when this vulnerability article was published.
references microsoft.graph.security.hyperlink collection Reference links where further information can be learned about this vulnerability.
remediation microsoft.graph.security.formattedContent Any known remediation steps.
severity microsoft.graph.security.vulnerabilitySeverity Indicates the severity of this vulnerability. The possible values are: none, low, medium, high, critical, unknownFutureValue.

Relationships

Relationship Type Description
articles microsoft.graph.security.article collection Articles related to this vulnerability.
components microsoft.graph.security.vulnerabilityComponent collection Components related to this vulnerability article.

JSON representation

The following JSON representation shows the resource type.

{
  "@odata.type": "#microsoft.graph.security.vulnerability",
  "activeExploitsObserved": "Boolean",
  "commonWeaknessEnumerationIds": ["String"],
  "createdDateTime": "String (timestamp)",
  "cvss2Summary": {
    "@odata.type": "microsoft.graph.security.cvssSummary"
  },
  "cvss3Summary": {
    "@odata.type": "microsoft.graph.security.cvssSummary"
  },
  "description": {
    "@odata.type": "microsoft.graph.security.formattedContent"
  },
  "exploitsAvailable": "Boolean",
  "exploits": [
    {
      "@odata.type": "microsoft.graph.security.hyperlink"
    }
  ],
  "hasChatter": "Boolean",
  "id": "String (identifier)",
  "lastModifiedDateTime": "String (timestamp)",
  "priorityScore": "Int32",
  "publishedDateTime": "String (timestamp)",
  "references": [
    {
      "@odata.type": "microsoft.graph.security.hyperlink"
    }
  ],
  "remediation": {
    "@odata.type": "microsoft.graph.security.formattedContent"
  },
  "severity": "String"
}