Vulnerability resource type
- Microsoft Defender for Endpoint Plan 1
- Microsoft Defender for Endpoint Plan 2
- Microsoft 365 Defender
Want to experience Defender for Endpoint? Sign up for a free trial.
If you are a US Government customer, please use the URIs listed in Microsoft Defender for Endpoint for US Government customers.
For better performance, you can use server closer to your geo location:
Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
|Get all vulnerabilities||Vulnerability collection||Retrieves a list of all the vulnerabilities affecting the organization|
|Get vulnerability by Id||Vulnerability||Retrieves vulnerability information by its ID|
|List devices by vulnerability||MachineRef collection||Retrieve a list of devices that are associated with the vulnerability ID|
|List vulnerabilities by machine and software||Vulnerability||Retrieves a list of all the vulnerabilities affecting the organization per machine and software.|
|Severity||String||Vulnerability Severity. Possible values are: "Low", "Medium", "High", "Critical"|
|cvssV3||Double||CVSS v3 score|
|exposedMachines||Long||Number of exposed devices|
|publishedOn||DateTime||Date when vulnerability was published|
|updatedOn||DateTime||Date when vulnerability was updated|
|publicExploit||Boolean||Public exploit exists|
|exploitVerified||Boolean||Exploit is verified to work|
|exploitInKit||Boolean||Exploit is part of an exploit kit|
|exploitTypes||String collection||Exploit impact. Possible values are: "Local privilege escalation", "Denial of service", "Local"|
|exploitUris||String collection||Exploit source URLs|