vulnerability resource type
Namespace: microsoft.graph.security
Note
The Microsoft Graph API for Microsoft Defender Threat Intelligence requires an active Defender Threat Intelligence Portal license and API add-on license for the tenant.
Provides key context behind vulnerabilities of interest. Each article contains a description of the vulnerability, a list of affected components, tailored mitigation procedures and strategies, related intelligence articles, references in deep and dark web chatter, and other key observations. These articles provide deeper context and actionable insights behind each vulnerability, enabling users to more quickly understand these vulnerabilities and quickly mitigate them.
Methods
| Method | Return type | Description |
|---|---|---|
| Get vulnerability | microsoft.graph.security.vulnerability | Read the properties and relationships of a microsoft.graph.security.vulnerability object. |
| List | microsoft.graph.security.vulnerabilityComponent collection | Get a list of vulnerabilityComponent resources. |
Properties
| Property | Type | Description |
|---|---|---|
| activeExploitsObserved | Boolean | Indicates whether this vulnerability has any known exploits associated to known bad actors. |
| createdDateTime | DateTimeOffset | The date and time when this vulnerability article was first created. |
| cvss2Summary | microsoft.graph.security.cvssSummary | A summary of the common vulnerability scoring system (v2) findings about this vulnerability. |
| cvss3Summary | microsoft.graph.security.cvssSummary | A summary of the common vulnerability scoring system (v3) findings about this vulnerability. |
| commonWeaknessEnumerationIds | String collection | Community-defined common weakness enumerations (CWE). |
| description | microsoft.graph.security.formattedContent | The vulnerability article contents, describing the vulnerability. |
| exploits | microsoft.graph.security.hyperlink collection | Known exploits for this vulnerability. |
| exploitsAvailable | Boolean | Indicates whether this vulnerability has exploits in public sources (such as Packetstorm or Exploit-DB) online. |
| hasChatter | Boolean | Indicates whether chatter about this vulnerability has been discovered online. |
| id | String | A system-generated ID for the vulnerability. |
| lastModifiedDateTime | DateTimeOffset | The date and time when this vulnerability article was most recently updated. |
| priorityScore | Int32 | A unique algorithm that reflects the priority of a vulnerability based on the CVSS score, exploits, chatter, and linkage to malware. This property also evaluates the recency of these components so users can understand which vulnerability should be remediated first. |
| publishedDateTime | DateTimeOffset | The date and time when this vulnerability article was published. |
| references | microsoft.graph.security.hyperlink collection | Reference links where further information can be learned about this vulnerability. |
| remediation | microsoft.graph.security.formattedContent | Any known remediation steps. |
| severity | microsoft.graph.security.vulnerabilitySeverity | Indicates the severity of this vulnerability. The possible values are: none, low, medium, high, critical, unknownFutureValue. |
Relationships
| Relationship | Type | Description |
|---|---|---|
| articles | microsoft.graph.security.article collection | Articles related to this vulnerability. |
| components | microsoft.graph.security.vulnerabilityComponent collection | Components related to this vulnerability article. |
JSON representation
The following JSON representation shows the resource type.
{
"@odata.type": "#microsoft.graph.security.vulnerability",
"activeExploitsObserved": "Boolean",
"commonWeaknessEnumerationIds": ["String"],
"createdDateTime": "String (timestamp)",
"cvss2Summary": {
"@odata.type": "microsoft.graph.security.cvssSummary"
},
"cvss3Summary": {
"@odata.type": "microsoft.graph.security.cvssSummary"
},
"description": {
"@odata.type": "microsoft.graph.security.formattedContent"
},
"exploitsAvailable": "Boolean",
"exploits": [
{
"@odata.type": "microsoft.graph.security.hyperlink"
}
],
"hasChatter": "Boolean",
"id": "String (identifier)",
"lastModifiedDateTime": "String (timestamp)",
"priorityScore": "Int32",
"publishedDateTime": "String (timestamp)",
"references": [
{
"@odata.type": "microsoft.graph.security.hyperlink"
}
],
"remediation": {
"@odata.type": "microsoft.graph.security.formattedContent"
},
"severity": "String"
}