Vulnerability resource type
Applies to:
- Microsoft Defender for Endpoint Plan 1
- Microsoft Defender for Endpoint Plan 2
- Microsoft Defender XDR
Want to experience Defender for Endpoint? Sign up for a free trial.
Note
If you are a US Government customer, please use the URIs listed in Microsoft Defender for Endpoint for US Government customers.
Tip
For better performance, you can use server closer to your geo location:
- us.api.security.microsoft.com
- eu.api.security.microsoft.com
- uk.api.security.microsoft.com
- au.api.security.microsoft.com
- swa.api.security.microsoft.com
- ina.api.security.microsoft.com
Important
Some information in this article relates to a prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, with respect to the information provided here.
Methods
| Method | Return Type | Description |
|---|---|---|
| Get all vulnerabilities | Vulnerability collection | Retrieves a list of all the vulnerabilities affecting the organization |
| Get vulnerability by Id | Vulnerability | Retrieves vulnerability information by its Id |
| List devices by vulnerability | MachineRef collection | Retrieve a list of devices that are associated with the vulnerability Id |
| List vulnerabilities by machine and software | Vulnerability | Retrieves a list of all the vulnerabilities affecting the organization per machine and software. |
Properties
| Property | Type | Description |
|---|---|---|
| Id | String | Vulnerability Id |
| Name | String | Vulnerability title |
| Description | String | Vulnerability description |
| Severity | String | Vulnerability Severity. Possible values are: Low, Medium, High, or Critical |
| cvssV3 | Double | CVSS v3 score |
| cvssVector | String | A compressed textual representation that reflects the values used to derive the score |
| exposedMachines | Long | Number of exposed devices |
| publishedOn | DateTime | Date when vulnerability was published |
| updatedOn | DateTime | Date when vulnerability was updated |
| publicExploit | Boolean | Public exploit exists |
| exploitVerified | Boolean | Exploit is verified to work |
| exploitInKit | Boolean | Exploit is part of an exploit kit |
| exploitTypes | String collection | Exploit affect. Possible values are: Local privilege escalation, Denial of service, or Local |
| exploitUris | String collection | Exploit source URLs |
| CveSupportability | String collection | Possible values are: Supported, Not Supported, or SupportedInPremium |
| EPSS | Numeric | Represents the probability that a vulnerability will be exploited. This probability is expressed as a number between 0 and 1 (0%-100%) according to the EPSS model. |
Tip
Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.