按软件列出漏洞

适用于:

希望体验 Defender for Endpoint? 注册免费试用版

注意

如果你是美国政府客户,请使用美国政府客户Microsoft Defender for Endpoint中列出的 URI。

提示

为了提高性能,可以使用离地理位置更近的服务器:

  • us.api.security.microsoft.com
  • eu.api.security.microsoft.com
  • uk.api.security.microsoft.com
  • au.api.security.microsoft.com
  • swa.api.security.microsoft.com

重要

本文中的某些信息与预发行的产品有关,该产品在商业发布之前可能有重大修改。 Microsoft 对此处所提供的信息不作任何明示或默示的保证。

检索已安装软件中的漏洞列表。

权限

要调用此 API,需要以下权限之一。 若要了解详细信息(包括如何选择权限),请参阅使用Microsoft Defender for Endpoint API 了解详细信息。

权限类型 权限 权限显示名称
应用程序 Vulnerability.Read.All “读取威胁和漏洞管理软件信息”
委派(工作或学校帐户) Vulnerability.Read “读取威胁和漏洞管理软件信息”

HTTP 请求

GET /api/Software/{Id}/vulnerabilities

请求标头

名称 类型 说明
Authorization String 持有者 {token}。必需

请求正文

Empty

响应

如果成功,此方法返回 200 OK,并返回由指定软件公开的漏洞列表。

示例

请求示例

下面是一个请求示例。

GET https://api.securitycenter.microsoft.com/api/Software/microsoft-_-edge/vulnerabilities

响应示例

下面是一个响应示例。

{
    "@odata.context": "https://api.securitycenter.microsoft.com/api/$metadata#Collection(Analytics.Contracts.PublicAPI.PublicVulnerabilityDto)",
    "value": [
            {
                "id": "CVE-2017-0140",
                "name": "CVE-2017-0140",
                "description": "A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins. The vulnerability allows Microsoft Edge to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted.In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.The security update addresses the vulnerability by modifying how affected Microsoft Edge handles different-origin requests.",
                "severity": "Medium",
                "cvssV3": 4.2,
                "exposedMachines": 1,
                "publishedOn": "2017-03-14T00:00:00Z",
                "updatedOn": "2019-10-03T00:03:00Z",
                "publicExploit": false,
                "exploitVerified": false,
                "exploitInKit": false,
                "exploitTypes": [],
                "exploitUris": []
            }
            ...
        ]
}

提示

想要了解更多信息? Engage技术社区中的 Microsoft 安全社区:Microsoft Defender for Endpoint技术社区