Search vulnerabilities

POST {{baseUrl}}/was/v2/vulnerabilities/search?limit=-54086346&offset=-54086346&sort=last_seen:desc,ipv4:asc

Returns a list of vulnerabilities detected by Tenable.io Web Application Scanning API v2 scans.

Requires BASIC [16] user permissions and CAN VIEW [16] scan permissions. See Permissions.

Request Params

If you specify multiple fields, the fields must be separated by commas. For example, name:desc,created_at:asc would first sort results by the name field in descending order and then by the created_at field in ascending order. |

Request Body

{"AND"=>[{"field"=>"folder_name", "operator"=>"match", "value"=>"My Scans"}, {"field"=>"folder_name", "operator"=>"match", "value"=>"My Scans"}], "OR"=>[{"field"=>"folder_name", "operator"=>"match", "value"=>"My Scans"}, {"field"=>"folder_name", "operator"=>"match", "value"=>"My Scans"}]}

HEADERS

RESPONSES

status: OK

{"page_number":0,"page_size":3,"order_by":"created_at","ordering":"desc","sort":[{"name":"created_at","order":"desc"}],"total_size":632,"data":[{"vuln_id":"5e2cab9e-a63d-4016-97aa-4c9a336c9b53","scan_id":"cd8a58db-af6c-47b3-b402-dd34021fa419","plugin_id":98000,"created_at":"2020-12-07T20:01:19Z","uri":"http://example.com/","is_page":false,"details":{"input_name":null,"input_type":null,"output":"\nEngine Version      1.8.0_DEVELOP_SNAPSHOT-1518\nScan ID             cd8a58db-af6c-47b3-b402-dd34021fa419\n\nStart Time          2020-12-07 20:01:00 +0000\nDuration            00:00:17\n\nRequests            163\nRequests/s          19.6194\nMean Response Time  0.0917s\n\nBandwidth Usage\n- Data to Target    54.5 KB\n- Data from Target  43 KB\n\nTimeouts Encountered\nNetwork Timeouts    0\nBrowser Timeouts    0\n\n\nHTTP Protocols Detected\n- HTTP\n- HTTPs\n\n\nAuthentication Identified\n- None\n\n\nPlugins\n- 50 have been included per scan policy\n- 69 have been started based on target information collected\n\nList of plugins is available in 'plugins.csv' attachment.\n\n\nSettings used to conduct this scan are available in 'configuration.csv' attachment.\n","proof":null,"payload":null,"selector":null,"selector_url":null,"signature":null,"request":null,"response":null},"attachments":[{"attachment_id":"c7adb5af-7646-429e-880d-3c8812dc4185","created_at":"2020-12-07T20:01:23.650014Z","attachment_name":"configuration.csv","md5":"md5:48be107f67f1cdc0e9d63a8f6cafc27e","file_type":"text/plain","size":2184},{"attachment_id":"d5a3104d-2e60-4e71-a2cb-e24ea67f00f8","created_at":"2020-12-07T20:01:23.595659Z","attachment_name":"plugins.csv","md5":"md5:3ad245715cdb6856430dd1e71f7cb522","file_type":"text/plain","size":3236}]},{"vuln_id":"664a5df7-7053-484f-b5a5-68d85451a289","scan_id":"cd8a58db-af6c-47b3-b402-dd34021fa419","plugin_id":98059,"created_at":"2020-12-07T20:01:19Z","uri":"http://example.com/","is_page":false,"details":{"input_name":null,"input_type":null,"output":"The framework has detected the following technologies in the target application:\n\n- Bootstrap (version unknown)\n- Apache (v2.4.6)","proof":null,"payload":null,"selector":null,"selector_url":null,"signature":null,"request":null,"response":null},"attachments":[{"attachment_id":"5bd370d8-72e4-4ee0-afa7-cc087cd554da","created_at":"2020-12-07T20:01:23.451700Z","attachment_name":"technologies.csv","md5":"md5:aa89c953c21f31a1a7b01b3cafce50ab","file_type":"text/plain","size":254}]},{"vuln_id":"7e357e69-d45e-447c-ac56-102e7c01c328","scan_id":"cd8a58db-af6c-47b3-b402-dd34021fa419","plugin_id":98009,"created_at":"2020-12-07T20:01:19Z","uri":"http://example.com/","is_page":false,"details":{"input_name":null,"input_type":null,"output":"The scan has discovered 1 distinct URL.\n\nThe following is a breakdown of which URLs were audited:\n\n- 1 effectively audited\n\nFor URLs we received responses for, here is a distribution of the content type headers:\n\n- 1 text/html; charset=utf-8\n\nResponse times ranged between 0.156857s and 0.156857s.\n\nYou can access the complete list of URLs with the information collected by the scan as an attachment to this plugin.","proof":null,"payload":null,"selector":null,"selector_url":null,"signature":null,"request":null,"response":null},"attachments":[{"attachment_id":"955dea88-83d0-4004-b9db-846ddad4e856","created_at":"2020-12-07T20:01:23.509304Z","attachment_name":"sitemap.csv","md5":"md5:7534a6027dfa163d99e12359bfbd033a","file_type":"text/plain","size":290}]}],"pagination":{"total":632,"offset":0,"limit":3,"sort":[{"name":"created_at","order":"desc"}]},"items":[{"vuln_id":"5e2cab9e-a63d-4016-97aa-4c9a336c9b53","scan_id":"cd8a58db-af6c-47b3-b402-dd34021fa419","plugin_id":98000,"created_at":"2020-12-07T20:01:19Z","uri":"http://example.com/","is_page":false,"details":{"input_name":null,"input_type":null,"output":"\nEngine Version      1.8.0_DEVELOP_SNAPSHOT-1518\nScan ID             cd8a58db-af6c-47b3-b402-dd34021fa419\n\nStart Time          2020-12-07 20:01:00 +0000\nDuration            00:00:17\n\nRequests            163\nRequests/s          19.6194\nMean Response Time  0.0917s\n\nBandwidth Usage\n- Data to Target    54.5 KB\n- Data from Target  43 KB\n\nTimeouts Encountered\nNetwork Timeouts    0\nBrowser Timeouts    0\n\n\nHTTP Protocols Detected\n- HTTP\n- HTTPs\n\n\nAuthentication Identified\n- None\n\n\nPlugins\n- 50 have been included per scan policy\n- 69 have been started based on target information collected\n\nList of plugins is available in 'plugins.csv' attachment.\n\n\nSettings used to conduct this scan are available in 'configuration.csv' attachment.\n","proof":null,"payload":null,"selector":null,"selector_url":null,"signature":null,"request":null,"response":null},"attachments":[{"attachment_id":"c7adb5af-7646-429e-880d-3c8812dc4185","created_at":"2020-12-07T20:01:23.650014Z","attachment_name":"configuration.csv","md5":"md5:48be107f67f1cdc0e9d63a8f6cafc27e","file_type":"text/plain","size":2184},{"attachment_id":"d5a3104d-2e60-4e71-a2cb-e24ea67f00f8","created_at":"2020-12-07T20:01:23.595659Z","attachment_name":"plugins.csv","md5":"md5:3ad245715cdb6856430dd1e71f7cb522","file_type":"text/plain","size":3236}]},{"vuln_id":"664a5df7-7053-484f-b5a5-68d85451a289","scan_id":"cd8a58db-af6c-47b3-b402-dd34021fa419","plugin_id":98059,"created_at":"2020-12-07T20:01:19Z","uri":"http://example.com/","is_page":false,"details":{"input_name":null,"input_type":null,"output":"The framework has detected the following technologies in the target application:\n\n- Bootstrap (version unknown)\n- Apache (v2.4.6)","proof":null,"payload":null,"selector":null,"selector_url":null,"signature":null,"request":null,"response":null},"attachments":[{"attachment_id":"5bd370d8-72e4-4ee0-afa7-cc087cd554da","created_at":"2020-12-07T20:01:23.451700Z","attachment_name":"technologies.csv","md5":"md5:aa89c953c21f31a1a7b01b3cafce50ab","file_type":"text/plain","size":254}]},{"vuln_id":"7e357e69-d45e-447c-ac56-102e7c01c328","scan_id":"cd8a58db-af6c-47b3-b402-dd34021fa419","plugin_id":98009,"created_at":"2020-12-07T20:01:19Z","uri":"http://example.com/","is_page":false,"details":{"input_name":null,"input_type":null,"output":"The scan has discovered 1 distinct URL.\n\nThe following is a breakdown of which URLs were audited:\n\n- 1 effectively audited\n\nFor URLs we received responses for, here is a distribution of the content type headers:\n\n- 1 text/html; charset=utf-8\n\nResponse times ranged between 0.156857s and 0.156857s.\n\nYou can access the complete list of URLs with the information collected by the scan as an attachment to this plugin.","proof":null,"payload":null,"selector":null,"selector_url":null,"signature":null,"request":null,"response":null},"attachments":[{"attachment_id":"955dea88-83d0-4004-b9db-846ddad4e856","created_at":"2020-12-07T20:01:23.509304Z","attachment_name":"sitemap.csv","md5":"md5:7534a6027dfa163d99e12359bfbd033a","file_type":"text/plain","size":290}]}]}