分享方式:


容器弱點評量 REST API

概觀

Azure Resource Graph (ARG) 提供 REST API,可用來以程式設計方式存取 Azure 登錄和執行階段弱點建議的弱點評量結果。 深入了解 ARG 參考和查詢範例

Azure、AWS 和 GCP 容器登錄弱點子評量會發佈至 ARG 做為安全性資源的一部分。 深入了解安全性子評量

ARG 查詢範例

若要提取特定子評量,您需要評量金鑰。

  • 針對 MDVM 所提供的 Azure 容器弱點評量,金鑰為 c0b7cfc6-3172-465a-b378-53c7ff2cc0d5
  • 針對 MDVM 所提供的 AWS 容器弱點評量,金鑰為 c27441ae-775c-45be-8ffa-655de37362ce
  • 針對 MDVM 所提供的 GCP 容器弱點評量,金鑰為 5cc3a2c1-8397-456f-8792-fe9d0d4c9145

以下是一般安全性子評量查詢範例,可用來做為建置查詢的範例。 此查詢會提取過去一小時內產生的第一個子評量。

securityresources 
| where type =~ "microsoft.security/assessments/subassessments" and properties.additionalData.assessedResourceType == "AzureContainerRegistryVulnerability"
| extend assessmentKey=extract(@"(?i)providers/Microsoft.Security/assessments/([^/]*)", 1, id)
| where assessmentKey == "c0b7cfc6-3172-465a-b378-53c7ff2cc0d5"
| extend timeGenerated = properties.timeGenerated
| where timeGenerated > ago(1h)

查詢結果 - Azure 子評量

[
  {
    "id": "/subscriptions/{SubscriptionId}/resourceGroups/{ResourceGroup}/providers/Microsoft.ContainerRegistry/registries/{Registry Name}/providers/Microsoft.Security/assessments/c0b7cfc6-3172-465a-b378-53c7ff2cc0d5/subassessments/{SubAssessmentId}",
    "name": "{SubAssessmentId}",
    "type": "microsoft.security/assessments/subassessments",
    "tenantId": "{TenantId}",
    "kind": "",
    "location": "global",
    "resourceGroup": "{ResourceGroup}",
    "subscriptionId": "{SubscriptionId}",
    "managedBy": "",
    "sku": null,
    "plan": null,
    "properties": {
      "id": "CVE-2022-42969",
      "additionalData": {
        "assessedResourceType": "AzureContainerRegistryVulnerability",
        "vulnerabilityDetails": {
          "severity": "High",
          "exploitabilityAssessment": {
            "exploitStepsPublished": false,
            "exploitStepsVerified": false,
            "isInExploitKit": false,
            "exploitUris": [],
            "types": [
              "Remote"
            ]
          },
          "lastModifiedDate": "2023-09-12T00:00:00Z",
          "publishedDate": "2022-10-16T06:15:00Z",
          "workarounds": [],
          "references": [
            {
              "title": "CVE-2022-42969",
              "link": "https://nvd.nist.gov/vuln/detail/CVE-2022-42969"
            },
            {
              "title": "oval:org.opensuse.security:def:202242969",
              "link": "https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.server.15.xml.gz"
            },
            {
              "title": "oval:com.microsoft.cbl-mariner:def:11166",
              "link": "https://raw.githubusercontent.com/microsoft/CBL-MarinerVulnerabilityData/main/cbl-mariner-1.0-oval.xml"
            },
            {
              "title": "ReDoS in py library when used with subversion ",
              "link": "https://github.com/advisories/GHSA-w596-4wvx-j9j6"
            }
          ],
          "weaknesses": {
            "cwe": [
              {
                "id": "CWE-1333"
              }
            ]
          },
          "cveId": "CVE-2022-42969",
          "cvss": {
            "2.0": null,
            "3.0": {
              "cvssVectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "base": 7.5
            }
          },
          "cpe": {
            "language": "*",
            "softwareEdition": "*",
            "version": "*",
            "targetHardware": "*",
            "targetSoftware": "python",
            "vendor": "py",
            "edition": "*",
            "product": "py",
            "update": "*",
            "other": "*",
            "part": "Applications",
            "uri": "cpe:2.3:a:py:py:*:*:*:*:*:python:*:*"
          }
        },
        "artifactDetails": {
          "lastPushedToRegistryUTC": "2023-09-04T16:05:32.8223098Z",
          "repositoryName": "public/azureml/aifx/stable-ubuntu2004-cu117-py39-torch200",
          "registryHost": "ptebic.azurecr.io",
          "artifactType": "ContainerImage",
          "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
          "digest": "sha256:4af8e6f002401a965bbe753a381af308b40d8947fad2b9e1f6a369aa81abee59",
          "tags": [
            "biweekly.202309.1"
          ]
        },
        "softwareDetails": {
          "category": "Language",
          "language": "python",
          "fixedVersion": "",
          "version": "1.11.0.0",
          "vendor": "py",
          "packageName": "py",
          "osDetails": {
            "osPlatform": "linux",
            "osVersion": "ubuntu_linux_20.04"
          },
          "fixStatus": "FixAvailable",
          "evidence": []
        },
        "cvssV30Score": 7.5
      },
      "description": "This vulnerability affects the following vendors: Pytest, Suse, Microsoft, Py. To view more details about this vulnerability please visit the vendor website.",
      "displayName": "CVE-2022-42969",
      "resourceDetails": {
        "id": "/repositories/public/azureml/aifx/stable-ubuntu2004-cu117-py39-torch200/images/sha256:4af8e6f002401a965bbe753a381af308b40d8947fad2b9e1f6a369aa81abee59",
        "source": "Azure"
      },
      "timeGenerated": "2023-09-12T13:36:15.0772799Z",
      "remediation": "No remediation exists",
      "status": {
        "description": "Disabled parent assessment",
        "severity": "High",
        "code": "NotApplicable",
        "cause": "Exempt"
      }
    },
    "tags": null,
    "identity": null,
    "zones": null,
    "extendedLocation": null,
    "assessmentKey": "c0b7cfc6-3172-465a-b378-53c7ff2cc0d5",
    "timeGenerated": "2023-09-12T13:36:15.0772799Z"
  }
]

查詢結果 - AWS 子評量

[
  {
    "id": "/subscriptions/{SubscriptionId}/resourceGroups/{ResourceGroup}/providers/ microsoft.security/ securityconnectors/{SecurityConnectorName}/ securityentitydata/aws-ecr-repository-{RepositoryName}-{Region}/providers/Microsoft.Security/assessments/c27441ae-775c-45be-8ffa-655de37362ce/subassessments/{SubAssessmentId}",
    "name": "{SubAssessmentId}",
    "type": "microsoft.security/assessments/subassessments",
    "tenantId": "{TenantId}",
    "kind": "",
    "location": "global",
    "resourceGroup": "{ResourceGroup}",
    "subscriptionId": "{SubscriptionId}",
    "managedBy": "",
    "sku": null,
    "plan": null,
    "properties": {
      "description": "This vulnerability affects the following vendors: Debian, Fedora, Luatex_Project, Miktex, Oracle, Suse, Tug, Ubuntu. To view more details about this vulnerability please visit the vendor website.",
      "resourceDetails": {
          "id": "544047870946.dkr.ecr.us-east-1.amazonaws.com/mc/va/eastus/verybigimage@sha256:87e18285c301bc09b7f2da126992475eb0c536d38272aa0a7066324b7dda3d87",
          "source": "Aws",
          "connectorId": "649e5f3a-ea19-4057-88fd-58b1f4b774e2",
          "region": "us-east-1",
          "nativeCloudUniqueIdentifier": "arn:aws:ecr:us-east-1:544047870946:image/mc/va/eastus/verybigimage",
          "resourceProvider": "ecr",
          "resourceType": "repository",
          "resourceName": "mc/va/eastus/verybigimage",
          "hierarchyId": "544047870946"
      },
      "additionalData": {
          "assessedResourceType": "AwsContainerRegistryVulnerability",
          "cvssV30Score": 7.8,
          "vulnerabilityDetails": {
              "severity": "High",
              "exploitabilityAssessment": {
                  "exploitStepsPublished": false,
                  "exploitStepsVerified": false,
                  "isInExploitKit": false,
                  "exploitUris": [],
                  "types": []
              },
              "lastModifiedDate": "2023-11-07T00:00:00.0000000Z",
              "publishedDate": "2023-05-16T00:00:00.0000000Z",
              "workarounds": [],
              "weaknesses": {
                  "cwe": []
              },
              "references": [
                  {
                      "title": "CVE-2023-32700",
                      "link": "https://nvd.nist.gov/vuln/detail/CVE-2023-32700"
                  },
                  {
                      "title": "CVE-2023-32700_oval:com.oracle.elsa:def:20233661",
                      "link": "https://linux.oracle.com/security/oval/com.oracle.elsa-all.xml.bz2"
                  },
                  {
                      "title": "CVE-2023-32700_oval:com.ubuntu.bionic:def:61151000000",
                      "link": "https://security-metadata.canonical.com/oval/com.ubuntu.bionic.usn.oval.xml.bz2"
                  },
                  {
                      "title": "CVE-2023-32700_oval:org.debian:def:155787957530144107267311766002078821941",
                      "link": "https://www.debian.org/security/oval/oval-definitions-bullseye.xml"
                  },
                  {
                      "title": "oval:org.opensuse.security:def:202332700",
                      "link": "https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.server.15.xml.gz"
                  },
                  {
                      "title": "texlive-base-20220321-72.fc38",
                      "link": "https://archives.fedoraproject.org/pub/fedora/linux/updates/38/Everything/x86_64/repodata/c7921a40ea935e92e8cfe8f4f0062fbc3a8b55bc01eaf0e5cfc196d51ebab20d-updateinfo.xml.xz"
                  }
              ],
              "cvss": {
                  "2.0": null,
                  "3.0": {
                      "cvssVectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                      "base": 7.8
                  }
              },
              "cveId": "CVE-2023-32700",
              "cpe": {
                  "language": "*",
                  "softwareEdition": "*",
                  "version": "*",
                  "targetSoftware": "ubuntu_linux_20.04",
                  "targetHardware": "*",
                  "vendor": "ubuntu",
                  "edition": "*",
                  "product": "libptexenc1",
                  "update": "*",
                  "other": "*",
                  "part": "Applications",
                  "uri": "cpe:2.3:a:ubuntu:libptexenc1:*:*:*:*:*:ubuntu_linux_20.04:*:*"
              }
          },
          "artifactDetails": {
              "repositoryName": "mc/va/eastus/verybigimage",
              "registryHost": "544047870946.dkr.ecr.us-east-1.amazonaws.com",
              "lastPushedToRegistryUTC": "2022-06-26T13:24:03.0000000Z",
              "artifactType": "ContainerImage",
              "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
              "digest": "sha256:87e18285c301bc09b7f2da126992475eb0c536d38272aa0a7066324b7dda3d87",
              "tags": [
                  "latest"
              ]
          },
          "softwareDetails": {
              "fixedVersion": "2019.20190605.51237-3ubuntu0.1",
              "language": "",
              "category": "OS",
              "osDetails": {
                  "osPlatform": "linux",
                  "osVersion": "ubuntu_linux_20.04"
              },
              "version": "2019.20190605.51237-3build2",
              "vendor": "ubuntu",
              "packageName": "libptexenc1",
              "fixStatus": "FixAvailable",
              "evidence": [
                  "dpkg-query -f '${Package}:${Source}:\\n' -W | grep -e ^libptexenc1:.* -e .*:libptexenc1: | cut -f 1 -d ':' | xargs dpkg-query -s",
                  "dpkg-query -f '${Package}:${Source}:\\n' -W | grep -e ^libptexenc1:.* -e .*:libptexenc1: | cut -f 1 -d ':' | xargs dpkg-query -s"
              ],
              "fixReference": {
                  "description": "USN-6115-1: TeX Live vulnerability 2023 May 30",
                  "id": "USN-6115-1",
                  "releaseDate": "2023-05-30T00:00:00.0000000Z",
                  "url": "https://ubuntu.com/security/notices/USN-6115-1"
              }
          }
      },
      "timeGenerated": "2023-12-11T13:23:58.4539977Z",
      "displayName": "CVE-2023-32700",
      "remediation": "Create new image with updated package libptexenc1 with version 2019.20190605.51237-3ubuntu0.1 or higher.",
      "status": {
          "severity": "High",
          "code": "Unhealthy"
      },
      "id": "CVE-2023-32700"
    },
    "tags": null,
    "identity": null,
    "zones": null,
    "extendedLocation": null,
    "assessmentKey": "c27441ae-775c-45be-8ffa-655de37362ce",
    "timeGenerated": "2023-12-11T13:23:58.4539977Z"
  }
]

查詢結果 - GCP 子評量

[
  {
    "id": "/subscriptions/{SubscriptionId}/resourceGroups/{ResourceGroup}/providers/ microsoft.security/ securityconnectors/{SecurityConnectorName}/securityentitydata/gar-gcp-repository-{RepositoryName}-{Region}/providers/Microsoft.Security/assessments/5cc3a2c1-8397-456f-8792-fe9d0d4c9145/subassessments/{SubAssessmentId}",
    "name": "{SubAssessmentId}",
    "type": "microsoft.security/assessments/subassessments",
    "tenantId": "{TenantId}",
    "kind": "",
    "location": "global",
    "resourceGroup": "{ResourceGroup}",
    "subscriptionId": "{SubscriptionId}",
    "managedBy": "",
    "sku": null,
    "plan": null,
    "properties": {
      "description": "This vulnerability affects the following vendors: Alpine, Debian, Libtiff, Suse, Ubuntu. To view more details about this vulnerability please visit the vendor website.",
      "resourceDetails": {
          "id": "us-central1-docker.pkg.dev/detection-stg-manual-tests-2/hital/nginx@sha256:09e210fe1e7f54647344d278a8d0dee8a4f59f275b72280e8b5a7c18c560057f",
          "source": "Gcp",
          "resourceType": "repository",
          "nativeCloudUniqueIdentifier": "projects/detection-stg-manual-tests-2/locations/us-central1/repositories/hital/dockerImages/nginx@sha256:09e210fe1e7f54647344d278a8d0dee8a4f59f275b72280e8b5a7c18c560057f",
          "resourceProvider": "gar",
          "resourceName": "detection-stg-manual-tests-2/hital/nginx",
          "hierarchyId": "788875449976",
          "connectorId": "40139bd8-5bae-e3e0-c640-2a45cdcd2d0c",
          "region": "us-central1"
      },
      "displayName": "CVE-2017-11613",
      "additionalData": {
          "assessedResourceType": "GcpContainerRegistryVulnerability",
          "vulnerabilityDetails": {
              "severity": "Low",
              "lastModifiedDate": "2023-12-09T00:00:00.0000000Z",
              "exploitabilityAssessment": {
                  "exploitStepsPublished": false,
                  "exploitStepsVerified": false,
                  "exploitUris": [],
                  "isInExploitKit": false,
                  "types": [
                      "PrivilegeEscalation"
                  ]
              },
              "publishedDate": "2017-07-26T00:00:00.0000000Z",
              "workarounds": [],
              "references": [
                  {
                      "title": "CVE-2017-11613",
                      "link": "https://nvd.nist.gov/vuln/detail/CVE-2017-11613"
                  },
                  {
                      "title": "129463",
                      "link": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129463"
                  },
                  {
                      "title": "CVE-2017-11613_oval:com.ubuntu.trusty:def:36061000000",
                      "link": "https://security-metadata.canonical.com/oval/com.ubuntu.trusty.usn.oval.xml.bz2"
                  },
                  {
                      "title": "CVE-2017-11613_oval:org.debian:def:85994619016140765823174295608399452222",
                      "link": "https://www.debian.org/security/oval/oval-definitions-stretch.xml"
                  },
                  {
                      "title": "oval:org.opensuse.security:def:201711613",
                      "link": "https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.server.15.xml.gz"
                  },
                  {
                      "title": "CVE-2017-11613-cpe:2.3:a:alpine:tiff:*:*:*:*:*:alpine_3.9:*:*-3.9",
                      "link": "https://security.alpinelinux.org/vuln/CVE-2017-11613"
                  }
              ],
              "weaknesses": {
                  "cwe": [
                      {
                          "id": "CWE-20"
                      }
                  ]
              },
              "cvss": {
                  "2.0": null,
                  "3.0": {
                      "cvssVectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:U/RC:R",
                      "base": 3.3
                  }
              },
              "cveId": "CVE-2017-11613",
              "cpe": {
                  "version": "*",
                  "language": "*",
                  "vendor": "debian",
                  "softwareEdition": "*",
                  "targetSoftware": "debian_9",
                  "targetHardware": "*",
                  "product": "tiff",
                  "edition": "*",
                  "update": "*",
                  "other": "*",
                  "part": "Applications",
                  "uri": "cpe:2.3:a:debian:tiff:*:*:*:*:*:debian_9:*:*"
              }
          },
          "cvssV30Score": 3.3,
          "artifactDetails": {
              "lastPushedToRegistryUTC": "2023-12-11T08:33:13.0000000Z",
              "repositoryName": "detection-stg-manual-tests-2/hital/nginx",
              "registryHost": "us-central1-docker.pkg.dev",
              "artifactType": "ContainerImage",
              "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
              "digest": "sha256:09e210fe1e7f54647344d278a8d0dee8a4f59f275b72280e8b5a7c18c560057f",
              "tags": [
                  "1.12"
              ]
          },
          "softwareDetails": {
              "version": "4.0.8-2+deb9u2",
              "language": "",
              "fixedVersion": "4.0.8-2+deb9u4",
              "vendor": "debian",
              "category": "OS",
              "osDetails": {
                  "osPlatform": "linux",
                  "osVersion": "debian_9"
              },
              "packageName": "tiff",
              "fixReference": {
                  "description": "DSA-4349-1: tiff security update 2018 November 30",
                  "id": "DSA-4349-1",
                  "releaseDate": "2018-11-30T22:41:54.0000000Z",
                  "url": "https://security-tracker.debian.org/tracker/DSA-4349-1"
              },
              "fixStatus": "FixAvailable",
              "evidence": [
                  "dpkg-query -f '${Package}:${Source}:\\n' -W | grep -e ^tiff:.* -e .*:tiff: | cut -f 1 -d ':' | xargs dpkg-query -s",
                  "dpkg-query -f '${Package}:${Source}:\\n' -W | grep -e ^tiff:.* -e .*:tiff: | cut -f 1 -d ':' | xargs dpkg-query -s"
              ]
          }
      },
      "timeGenerated": "2023-12-11T10:25:43.8751687Z",
      "remediation": "Create new image with updated package tiff with version 4.0.8-2+deb9u4 or higher.",
      "id": "CVE-2017-11613",
      "status": {
          "severity": "Low",
          "code": "Unhealthy"
      }
    },
    "tags": null,
    "identity": null,
    "zones": null,
    "extendedLocation": null,
    "assessmentKey": "5cc3a2c1-8397-456f-8792-fe9d0d4c9145",
    "timeGenerated": "2023-12-11T10:25:43.8751687Z"
  }
]

定義

名稱 描述
ResourceDetails 已評量的 Azure 資源詳細資料
ContainerRegistryVulnerability 更多容器登錄弱點評量的內容欄位
CVE CVE 詳細資料
CVSS CVSS 詳細資料
SecuritySubAssessment 資源的安全性子評量
SecuritySubAssessmentList 安全性子評量清單
ArtifactDetails 受影響容器映像的詳細資料
SoftwareDetails 受影響軟體套件的詳細資料
FixReference 修正的詳細資料 (若有)
OS 詳細資料 OS 資訊的詳細資料
VulnerabilityDetails 偵測到弱點的詳細資料
CPE 通用平台列舉
CWE 常見弱點列舉
VulnerabilityReference 弱點的參考連結
ExploitabilityAssessment 範例惡意探索的參考連結

ContainerRegistryVulnerability (MDVM)

其他 Azure 容器登錄弱點評量的內容欄位

名稱 類型 說明
assessedResourceType string:
AzureContainerRegistryVulnerability
AwsContainerRegistryVulnerability
GcpContainerRegistryVulnerability
子評量資源類型
cvssV30Score 數值 CVSS V3 分數
vulnerabilityDetails VulnerabilityDetails
artifactDetails ArtifactDetails
softwareDetails SoftwareDetails

ArtifactDetails

受影響容器映像的內容詳細資料

名稱 類型 說明
repositoryName String 儲存機制名稱
RegistryHost String 登錄主機
lastPublishedToRegistryUTC 時間戳記 上次發佈日期的 UTC 時間戳記
artifactType 字串:ContainerImage
mediaType String 層次媒體類型
Digest String 易受攻擊映像的摘要
標籤 String 易受攻擊映像的標記

軟體詳細資料

受影響軟體套件的詳細資料

名稱 類型 說明
fixedVersion String 已修正的版本
category String 弱點類別 – OS 或語言
osDetails OsDetails
language String 受影響套件的語言 (例如 Python、.NET) 也可能是空的
version String
vendor String
套件名稱 String
fixStatus String 未知、FixAvailable、NoFixAvailable、Scheduled、WontFix
辨識項 String 套件的證據
fixReference FixReference

FixReference

修正的詳細資料 (若有)

名稱 類型 description
識別碼 String 修正識別碼
描述 String 修正描述
releaseDate 時間戳記 修正時間戳記
URL String 修正通知的 URL

OS 詳細資料

OS 資訊的詳細資料

名稱 類型 說明
osPlatform String 例如:Linux、Windows
osName String 範例:Ubuntu
osVersion String

VulnerabilityDetails

偵測到弱點的詳細資料

嚴重性 嚴重性 子評量嚴重性層級
LastModifiedDate 時間戳記
publishedDate 時間戳記 發行日期
ExploitabilityAssessment ExploitabilityAssessment
CVSS Dictionary <string, CVSS> 從 cvss 版本到 cvss 詳細資料物件的字典
因應措施 因應措施 已發行的弱點因應措施
參考資料 VulnerabilityReference
弱點 弱點
cveId String CVE 識別碼
Cpe CPE

CPE (通用平台列舉)

名稱 類型 說明
語言 String 語言標籤
softwareEdition String
版本 String 套件版本
targetSoftware String 目標軟體
vendor String 廠商
product String Products
edition String
update String
其他 String
組件 String 應用程式硬體作業系統
uri String CPE 2.3 格式化 URI

弱點

名稱 類型 說明
CWE CWE

Cwe (常見弱點列舉)

CWE 詳細資料

名稱 類型 description
識別碼 String CWE ID

VulnerabilityReference

弱點的參考連結

名稱 類型 說明
連結 String 參考 URL
title String 參考標題

ExploitabilityAssessment

範例惡意探索的參考連結

名稱 類型 說明
exploitUris String
exploitStepsPublished 布林值 已發佈惡意探索步驟
exploitStepsVerified 布林值 已驗證惡意探索步驟
isInExploitKit 布林值 這是惡意探索套件的一部分
types String 惡意探索類型,例如:NotAvailable、Dos、Local、Remote、WebApps、PrivilegeEscalation

ResourceDetails - Azure

已評量的 Azure 資源詳細資料

名稱 類型 說明
識別碼 string 已評量資源的 Azure 資源識別碼
來源 字串:Azure 評量資源所在的平台

ResourceDetails - AWS / GCP

已評量 AWS/GCP 資源的詳細資料

名稱 類型 說明
id string 已評量資源的 Azure 資源識別碼
來源 字串:Aws/Gcp 評量資源所在的平台
connectorId string 連接器識別碼
region string 區域
nativeCloudUniqueIdentifier string 已評量資源的原生雲端資源識別碼
resourceProvider 字串:ecr/gar/gcr 評量的資源提供者
resourceType string 已評量的資源類型
resourceName string 已評量的資源名稱
hierarchyId string 帳戶識別碼 (Aws) / 專案識別碼 (Gcp)

SubAssessmentStatus

子評量的狀態

名稱 類型 說明
cause String 評量狀態原因的程式設計程式碼
code SubAssessmentStatusCode 評量狀態的程式設計程式碼
description string 人類看得懂的評量狀態描述
severity severity 子評量嚴重性層級

SubAssessmentStatusCode

評量狀態的程式設計程式碼

名稱 類型 說明
Healthy string 資源狀況良好
不適用 string 此資源的評量未發生
Unhealthy string 資源有需要解決的安全性問題

SecuritySubAssessment

資源的安全性子評量

名稱 類型 說明
識別碼 string 資源識別碼
NAME 字串 資源名稱
properties.additionalData AdditionalData: AzureContainerRegistryVulnerability 子評量的詳細資料
properties.category string 子評量的類別
properties.description string 人類看得懂的評量狀態描述
properties.displayName string 使用者易記的子評量顯示名稱
properties.id string 弱點識別碼
properties.impact string 此子評量影響的描述
properties.remediation string 如何補救此子評量的資訊
properties.resourceDetails ResourceDetails:
Azure 資源詳細資料
AWS/GCP 資源詳細資料
已評量的資源詳細資料
properties.status SubAssessmentStatus 子評量的狀態
properties.timeGenerated string 產生子評量的日期和時間
type string 資源類型

SecuritySubAssessmentList

安全性子評量清單

名稱 類型 說明
nextLink string 擷取下一頁的 URI。
value SecuritySubAssessment 資源的安全性子評量