List vulnerabilities

GET {{baseUrl}}/workbenches/vulnerabilities?age=67454373&authenticated=true&date_range=67454373&exploitable=true&filter.0.filter=?filter.0.filter=plugin.name&filter.0.quality=%26filter.0.quality=match&filter.0.value=%26filter.0.value=RHEL&filter.search_type=&resolvable=true&severity=low

Returns a list of recorded vulnerabilities. The list returned is limited to 5,000. To retrieve more than 5,000 vulnerabilities, use the export-request API. Additionally, this endpoint only returns data less than 450 days (15 months) old.

Note: This endpoint is not intended for large or frequent exports of vulnerability or assets data. If you experience errors, reduce the volume, rate, or concurrency of your requests or narrow your filters. Contact support if you continue to experience errors. Additionally, Tenable recommends the POST /vulns/export endpoint for large or frequent exports of vulnerability data, and the POST /assets/export endpoint for large or frequent exports of assets data.

For information and best practices for retrieving vulnerability and assets data from Tenable.io, see Retrieve Vulnerability Data from Tenable.io and Retrieve Asset Data from Tenable.io.

Requires BASIC [16] user permissions. See Permissions.

Request Params

KeyDatatypeRequiredDescription
agenumberLists only those vulnerabilities older than a certain number of days.
authenticatedbooleanLists only authenticated vulnerabilities.
date_rangenumberThe number of days of data prior to and including today that should be returned.
exploitablebooleanLists only exploitable vulnerabilities.
filter.0.filterstringThe name of the filter to apply to the exported scan report. You can find available filters by using the GET /filters/workbenches/vulnerabilities endpoint. For more information about the format of this parameter, see Workbench Filters.
filter.0.qualitystringThe operator of the filter to apply to the exported scan report. You can find the operators for the filter using the GET /filters/workbenches/vulnerabilities endpoint. For more information about the format of this parameter, see Workbench Filters.
filter.0.valuestringThe value of the filter to apply to the exported scan report. You can find valid values for the filter in the 'control' attribute of the objects returned by the GET /filters/workbenches/vulnerabilities endpoint. For more information about the format of this parameter, see Workbench Filters.
filter.search_typenullFor multiple filters, specifies whether to use the AND or the OR logical operator. The default is AND. For more information about this parameter, see Workbench Filters.
resolvablebooleanLists only those vulnerabilities with a remediation path.
severitystringLists only vulnerabilities of a specific severity (critical, high, medium or low)

RESPONSES

status: OK

{"vulnerabilities":[{"count":319,"plugin_family":"General","plugin_id":51192,"plugin_name":"SSL Certificate Cannot Be Trusted","vulnerability_state":"Active","vpr_score":2.4,"accepted_count":0,"recasted_count":0,"counts_by_severity":[{"count":319,"value":2}],"severity":2},{"count":215,"plugin_family":"Misc.","plugin_id":70658,"plugin_name":"SSH Server CBC Mode Ciphers Enabled","vulnerability_state":"Active","vpr_score":7.4,"accepted_count":0,"recasted_count":0,"counts_by_severity":[{"count":215,"value":1}],"severity":1},{"count":168,"plugin_family":"Misc.","plugin_id":71049,"plugin_name":"SSH Weak MAC Algorithms Enabled","vulnerability_state":"Active","vpr_score":5.5,"accepted_count":0,"recasted_count":0,"counts_by_severity":[{"count":168,"value":1}],"severity":1}],"total_vulnerability_count":3,"total_asset_count":0}