vulnerability resource type
Namespace: microsoft.graph.security
Note
The Microsoft Graph API for Microsoft Defender Threat Intelligence requires an active Defender Threat Intelligence Portal license and API add-on license for the tenant.
Provides key context behind vulnerabilities of interest. Each article contains a description of the vulnerability, a list of affected components, tailored mitigation procedures and strategies, related intelligence articles, references in deep and dark web chatter, and other key observations. These articles provide deeper context and actionable insights behind each vulnerability, enabling users to more quickly understand these vulnerabilities and quickly mitigate them.
Methods
Method | Return type | Description |
---|---|---|
Get vulnerability | microsoft.graph.security.vulnerability | Read the properties and relationships of a microsoft.graph.security.vulnerability object. |
List | microsoft.graph.security.vulnerabilityComponent collection | Get a list of vulnerabilityComponent resources. |
Properties
Property | Type | Description |
---|---|---|
activeExploitsObserved | Boolean | Indicates whether this vulnerability has any known exploits associated to known bad actors. |
createdDateTime | DateTimeOffset | The date and time when this vulnerability article was first created. |
cvss2Summary | microsoft.graph.security.cvssSummary | A summary of the common vulnerability scoring system (v2) findings about this vulnerability. |
cvss3Summary | microsoft.graph.security.cvssSummary | A summary of the common vulnerability scoring system (v3) findings about this vulnerability. |
commonWeaknessEnumerationIds | String collection | Community-defined common weakness enumerations (CWE). |
description | microsoft.graph.security.formattedContent | The vulnerability article contents, describing the vulnerability. |
exploits | microsoft.graph.security.hyperlink collection | Known exploits for this vulnerability. |
exploitsAvailable | Boolean | Indicates whether this vulnerability has exploits in public sources (such as Packetstorm or Exploit-DB) online. |
hasChatter | Boolean | Indicates whether chatter about this vulnerability has been discovered online. |
id | String | A system-generated ID for the vulnerability. |
lastModifiedDateTime | DateTimeOffset | The date and time when this vulnerability article was most recently updated. |
priorityScore | Int32 | A unique algorithm that reflects the priority of a vulnerability based on the CVSS score, exploits, chatter, and linkage to malware. This property also evaluates the recency of these components so users can understand which vulnerability should be remediated first. |
publishedDateTime | DateTimeOffset | The date and time when this vulnerability article was published. |
references | microsoft.graph.security.hyperlink collection | Reference links where further information can be learned about this vulnerability. |
remediation | microsoft.graph.security.formattedContent | Any known remediation steps. |
severity | microsoft.graph.security.vulnerabilitySeverity | Indicates the severity of this vulnerability. The possible values are: none , low , medium , high , critical , unknownFutureValue . |
Relationships
Relationship | Type | Description |
---|---|---|
articles | microsoft.graph.security.article collection | Articles related to this vulnerability. |
components | microsoft.graph.security.vulnerabilityComponent collection | Components related to this vulnerability article. |
JSON representation
The following JSON representation shows the resource type.
{
"@odata.type": "#microsoft.graph.security.vulnerability",
"activeExploitsObserved": "Boolean",
"commonWeaknessEnumerationIds": ["String"],
"createdDateTime": "String (timestamp)",
"cvss2Summary": {
"@odata.type": "microsoft.graph.security.cvssSummary"
},
"cvss3Summary": {
"@odata.type": "microsoft.graph.security.cvssSummary"
},
"description": {
"@odata.type": "microsoft.graph.security.formattedContent"
},
"exploitsAvailable": "Boolean",
"exploits": [
{
"@odata.type": "microsoft.graph.security.hyperlink"
}
],
"hasChatter": "Boolean",
"id": "String (identifier)",
"lastModifiedDateTime": "String (timestamp)",
"priorityScore": "Int32",
"publishedDateTime": "String (timestamp)",
"references": [
{
"@odata.type": "microsoft.graph.security.hyperlink"
}
],
"remediation": {
"@odata.type": "microsoft.graph.security.formattedContent"
},
"severity": "String"
}
피드백
https://aka.ms/ContentUserFeedback
출시 예정: 2024년 내내 콘텐츠에 대한 피드백 메커니즘으로 GitHub 문제를 단계적으로 폐지하고 이를 새로운 피드백 시스템으로 바꿀 예정입니다. 자세한 내용은 다음을 참조하세요.다음에 대한 사용자 의견 제출 및 보기