GET List of Vulnerabilities discovered by EASM Scan

This API helps you to get a list of vulnerabilities discovered by an EASM scan.

[POST] /rest/2.0/search/am/easm/scan/vulns

Input Parameters

| Parameters | Mandatory/Optional | Data Type | Description |
|---|---|---|---|
| asset.assetId | Optional | Integer | Provide the asset ID for which you want to get the list of vulnerabilities. |
| vulnerabilities.disabled | Optional | Boolean | Provide the value true or false. |
| vulnerabilities.ssl | Optional | Boolean | Provide the value true or false. |
| vulnerabilities.found | Optional | Boolean | Provide the value true or false. |
| vulnerabilities.ignored | Optional | Boolean | Provide the value true or false. |
| vulnerabilities.qid | Optional | Integer | Provide the qid of the vulnerability. |
| vulnerabilities.port | Optional | Integer | Provide the port of the vulnerability. |
| vulnerabilities.protocol | Optional | String | Provide the protocol of the vulnerability. |
| vulnerabilities.lastFoundDate | Optional | Date | Provide the last found date of the vulnerability. |
| vulnerabilities.firstFoundDate | Optional | Date | Provide the first found date of the vulnerability. |
| vulnerabilities.status | Optional | String | Provides the current status of the vulnerability. The input values are ACTIVE, NEW, FIXED, REOPENED. |
| vulnerabilities.severity | Optional | Integer | Provides the severity value of the vulnerability. The value ranges from 1 to 5. |
| vulnerabilities.solution | Optional | String | Provides the solution value of the vulnerability. |
| vulnerabilities.title | Optional | String | Provides the title of the vulnerability. |
| vulnerabilities.rti | Optional | String | Provides the Real-Time Threat Indicator (RTI) value. The possible values are Easy_Exploit, No_Patch, Exploit_Public, Active_Attacks, High_Lateral_Movement, High_Data_loss, Denial_of_Service, Malware, Predicted_Hig_Risk, Remote-Code_execution. |
| vulnerabilities.patchReleaseDate | Optional | Date | Provides the patch release date of the vulnerability in the format yyyy-mon-ddThh:mm:ss.000Z. For example, "patchReleaseDate": "2019-02-26T00:00:00.000Z" |

Important to Know!

Example:  

{
  "filters": [
    {
      "field": "asset.assetID",
      "operator": "IN",
      "value": "41734168,41734549"
    }
  ]
}
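The filter body above can be generated and checked before it is sent. The following Python sketch is an added example, not Qualys code: it validates criteria against the parameter table (Boolean, Integer, status and severity constraints) and emits the same filter as either the JSON or the XML body used in the samples on this page, XML-escaping every value. The function names are hypothetical, and accepting only the operators EQUALS and IN is an assumption based on the samples shown here.

```python
import json
from xml.sax.saxutils import escape

# Types and allowed values come from the parameter table on this page.
# "asset.assetID" is spelled as in the page's sample requests.
BOOL_FIELDS = {"vulnerabilities.disabled", "vulnerabilities.ssl",
               "vulnerabilities.found", "vulnerabilities.ignored"}
INT_FIELDS = {"asset.assetID", "vulnerabilities.qid", "vulnerabilities.port",
              "vulnerabilities.severity"}
STATUSES = {"ACTIVE", "NEW", "FIXED", "REOPENED"}
# Assumption: accept only the operators that appear in the page's samples.
OPERATORS = {"EQUALS", "IN"}


def check_criterion(field, operator, value):
    """Validate one criterion and return it in the JSON filter shape."""
    if operator not in OPERATORS:
        raise ValueError(f"operator not shown on the page: {operator}")
    value = str(value)
    for v in (value.split(",") if operator == "IN" else [value]):
        if field in BOOL_FIELDS and v not in ("true", "false"):
            raise ValueError(f"{field} must be true or false")
        if field in INT_FIELDS and not (v.isascii() and v.isdigit()):
            raise ValueError(f"{field} must be an integer")
        if field == "vulnerabilities.severity" and not 1 <= int(v) <= 5:
            raise ValueError("severity ranges from 1 to 5")
        if field == "vulnerabilities.status" and v not in STATUSES:
            raise ValueError(f"unknown status: {v}")
    return {"field": field, "operator": operator, "value": value}


def json_body(criteria):
    """Request body for Content-Type: application/json."""
    return json.dumps({"filters": [check_criterion(*c) for c in criteria]})


def xml_body(criteria):
    """Request body for Content-Type: application/xml, values XML-escaped."""
    rows = []
    for c in criteria:
        f = {k: escape(v) for k, v in check_criterion(*c).items()}
        rows.append(f"<criteria><field>{f['field']}</field>"
                    f"<operator>{f['operator']}</operator>"
                    f"<value>{f['value']}</value></criteria>")
    return ('<?xml version="1.0" encoding="UTF-8"?>'
            f"<FilterRequest><filters>{''.join(rows)}</filters></FilterRequest>")
```

Rejecting malformed values on the client keeps untrusted input (for example, a QID taken from a ticket) from altering the structure of the request body.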

Sample - Get List of Vulnerabilities discovered by EASM Scan

API Request (without filter)

curl --location --request POST \
'<qualys_base_url>/rest/2.0/search/am/easm/scan/vulns' \
--header 'Authorization: Bearer <JWT Token>' \
--data-raw ''

API Response (without filter)

{
  "responseMessage": "Valid API Access",
  "count": 2,
  "responseCode": "SUCCESS",
  "lastSeenId": 23846,
  "hasMore": 0,
  "easmVulnerabilityListData": {
    "vulnerabilities": [
      {
        "id": 8760,
        "assetID": 41734168,
        "qid": 6,
        "ssl": false,
        "found": true,
        "ignored": false,
        "disabled": false,
        "lastFoundDate": "2024-04-03T00:57:58.000Z",
        "firstFoundDate": "2024-03-09T19:02:32.000Z",
        "created": "2024-03-09T19:02:32.000Z",
        "updated": "2024-04-03T00:57:58.000Z"
      },
      {
        "id": 9022,
        "assetID": 41734166,
        "qid": 6,
        "ssl": false,
        "found": true,
        "ignored": false,
        "disabled": false,
        "lastFoundDate": "2024-03-23T20:54:04.000Z",
        "firstFoundDate": "2024-03-09T19:25:29.000Z",
        "created": "2024-03-09T19:25:29.000Z",
        "updated": "2024-03-23T20:54:04.000Z"
      }
    ]
  }
}

The following example shows the sample request to get vulnerabilities for a given assetID.

API Request

curl --location --request POST \
'<qualys_base_url>/rest/2.0/search/am/easm/scan/vulns' \
--header 'Authorization: Bearer <JWT Token>' \
--header 'Content-Type: application/xml' \
--data-raw '<?xml version="1.0" encoding="UTF-8"?>
<FilterRequest>
  <filters>
    <criteria>
      <field>asset.assetID</field>
      <operator>EQUALS</operator>
      <value>43333162</value>
    </criteria>
  </filters>
</FilterRequest>'

API Response

{
  "responseMessage": "Valid API Access",
  "count": 2,
  "responseCode": "SUCCESS",
  "lastSeenId": 32304,
  "hasMore": 1,
  "easmVulnerabilityListData": {
    "vulnerabilities": [
      {
        "id": 32303,
        "assetID": 43333162,
        "qid": 86137,
        "port": 443,
        "ssl": false,
        "found": true,
        "ignored": false,
        "disabled": false,
        "protocol": "TCP",
        "lastFoundDate": "2024-04-16T06:55:08.000Z",
        "firstFoundDate": "2024-04-16T02:01:13.000Z",
        "created": "2024-04-16T02:01:13.000Z",
        "updated": "2024-04-16T06:55:08.000Z"
      },
      {
        "id": 32304,
        "assetID": 43333162,
        "qid": 38704,
        "port": 443,
        "ssl": false,
        "found": true,
        "ignored": false,
        "disabled": false,
        "protocol": "TCP",
        "lastFoundDate": "2024-04-16T06:55:08.000Z",
        "firstFoundDate": "2024-04-16T02:01:13.000Z",
        "created": "2024-04-16T02:01:13.000Z",
        "updated": "2024-04-16T06:55:08.000Z"
      }
    ]
  }
}

The following example shows a sample request to get all assets that have vulnerabilities with a given QID.

API Request

curl --location '<qualys_base_url>/rest/2.0/search/am/easm/scan/vulns' \
--header 'Content-Type: application/xml' \
--header 'Authorization: Bearer <JWT_Token>' \
--data '<?xml version="1.0" encoding="UTF-8"?>
<FilterRequest>
  <filters>
    <criteria>
      <field>vulnerabilities.qid</field>
      <operator>EQUALS</operator>
      <value>38173</value>
    </criteria>
  </filters>
</FilterRequest>'

API Response

{
  "responseMessage": "Valid API Access",
  "count": 11,
  "responseCode": "SUCCESS",
  "lastSeenId": 68729,
  "hasMore": 0,
  "easmVulnerabilityListData": {
    "vulnerabilities": [
      {
        "id": 31,
        "assetID": 54513412,
        "qid": 38173,
        "port": 443,
        "found": true,
        "ignored": false,
        "disabled": false,
        "protocol": "TCP",
        "lastFoundDate": "2024-10-28T08:13:08.000Z",
        "firstFoundDate": "2024-05-29T10:12:46.000Z",
        "lastScanned": "2024-10-28T08:13:08.000Z",
        "created": "2024-05-29T10:12:46.000Z",
        "updated": "2024-10-28T08:13:08.000Z",
        "rti": [
          "Easy_Exploit",
          "No_Patch"
        ],
        "solution": "Please install a server certificate signed by a trusted third-party Certificate Authority.",
        "title": "SSL Certificate - Signature Verification Failed Vulnerability",
        "vulnStatus": "REOPENED",
        "severity": 2
      },
      {
        "id": 2836,
        "assetID": 54622241,
        "qid": 38173,
        "port": 443,
        "found": true,
        "ignored": false,
        "disabled": false,
        "protocol": "TCP",
        "lastFoundDate": "2024-06-23T01:22:15.000Z",
        "firstFoundDate": "2024-06-01T18:40:11.000Z",
        "lastScanned": "2024-06-23T01:22:15.000Z",
        "created": "2024-06-01T18:40:11.000Z",
        "updated": "2024-06-23T01:22:15.000Z",
        "rti": [
          "Easy_Exploit",
          "No_Patch"
        ],
        "solution": "Please install a server certificate signed by a trusted third-party Certificate Authority.",
        "title": "SSL Certificate - Signature Verification Failed Vulnerability",
        "vulnStatus": "ACTIVE",
        "severity": 2
      }
    ]
  }
}

Sample - Get List of Vulnerabilities discovered by EASM Scan (with filter in XML format)

API Request

curl --location --request POST '<qualys_base_url>/rest/2.0/search/am/easm/scan/vulns' \
--header 'Authorization: Bearer <JWT_Token>' \
--header 'Content-Type: application/xml' \
--data '<?xml version="1.0" encoding="UTF-8"?>
<FilterRequest>
  <filters>
    <criteria>
      <field>vulnerabilities.severity</field>
      <operator>EQUALS</operator>
      <value>2</value>
    </criteria>
  </filters>
</FilterRequest>'

API Response

{
  "responseMessage": "Valid API Access",
  "count": 736,
  "responseCode": "SUCCESS",
  "lastSeenId": 102100,
  "hasMore": 0,
  "easmVulnerabilityListData": {
    "vulnerabilities": [
      {
        "id": 4662,
        "assetID": 55503403,
        "qid": 38173,
        "port": 443,
        "ssl": true,
        "found": true,
        "ignored": false,
        "disabled": false,
        "protocol": "TCP",
        "lastFoundDate": "2024-10-18T12:04:19.000Z",
        "firstFoundDate": "2024-06-12T13:12:04.000Z",
        "lastScanned": "2024-10-18T12:04:19.000Z",
        "created": "2024-06-12T13:12:04.000Z",
        "updated": "2024-10-18T12:04:19.000Z",
        "patchReleaseDate": "2019-02-26T00:00:00.000Z",
        "rti": [
          "Easy_Exploit",
          "No_Patch"
        ],
        "solution": "Please install a server certificate signed by a trusted third-party Certificate Authority.",
        "title": "SSL Certificate - Signature Verification Failed Vulnerability",
        "vulnStatus": "ACTIVE",
        "severity": 2
      }
    ]
  }
}

Sample - Get List of Vulnerabilities discovered by EASM Scan (with filter in JSON format)

API Request

curl --location --request POST \
'<qualys_base_url>/rest/2.0/search/am/easm/scan/vulns' \
--header 'Authorization: Bearer <JWT_Token>' \
--header 'Content-Type: application/json' \
--data '{
  "filters": [
    {
      "field": "vulnerabilities.severity",
      "operator": "EQUALS",
      "value": "2"
    }
  ]
}'

API Response

{
  "responseMessage": "Valid API Access",
  "count": 736,
  "responseCode": "SUCCESS",
  "lastSeenId": 102100,
  "hasMore": 0,
  "easmVulnerabilityListData": {
    "vulnerabilities": [
      {
        "id": 4662,
        "assetID": 55503403,
        "qid": 38173,
        "port": 443,
        "ssl": true,
        "found": true,
        "ignored": false,
        "disabled": false,
        "protocol": "TCP",
        "lastFoundDate": "2024-10-18T12:04:19.000Z",
        "firstFoundDate": "2024-06-12T13:12:04.000Z",
        "lastScanned": "2024-10-18T12:04:19.000Z",
        "created": "2024-06-12T13:12:04.000Z",
        "updated": "2024-10-18T12:04:19.000Z",
        "rti": [
          "Easy_Exploit",
          "No_Patch"
        ],
        "solution": "Please install a server certificate signed by a trusted third-party Certificate Authority.",
        "title": "SSL Certificate - Signature Verification Failed Vulnerability",
        "vulnStatus": "ACTIVE",
        "severity": 2
      }
    ]
  }
}
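The responses on this page can be turned into a per-asset remediation list. The following Python sketch is an added example, not Qualys code: it drops findings that are ignored, disabled, no longer found or FIXED, keeps those at or above a severity threshold that carry a chosen RTI tag, and groups them by assetID. The function names, thresholds and sample data are constructed for illustration, and reading hasMore = 1 as "more results exist" is an assumption the page does not state.

```python
import json
from collections import defaultdict
from datetime import datetime

# Constructed response in the shape of this page's samples (not real scan data).
SAMPLE = json.loads("""
{"responseCode": "SUCCESS", "count": 3, "lastSeenId": 103, "hasMore": 1,
 "easmVulnerabilityListData": {"vulnerabilities": [
  {"id": 101, "assetID": 1001, "qid": 38173, "port": 443, "found": true,
   "ignored": false, "disabled": false, "vulnStatus": "ACTIVE", "severity": 2,
   "rti": ["Easy_Exploit", "No_Patch"],
   "firstFoundDate": "2024-06-01T00:00:00.000Z",
   "lastFoundDate": "2024-06-23T12:00:00.000Z"},
  {"id": 102, "assetID": 1001, "qid": 38173, "port": 8443, "found": true,
   "ignored": true, "disabled": false, "vulnStatus": "ACTIVE", "severity": 2,
   "rti": ["Easy_Exploit"],
   "firstFoundDate": "2024-06-01T00:00:00.000Z",
   "lastFoundDate": "2024-06-02T00:00:00.000Z"},
  {"id": 103, "assetID": 1002, "qid": 6, "found": true, "ignored": false,
   "disabled": false,
   "firstFoundDate": "2024-03-09T19:02:32.000Z",
   "lastFoundDate": "2024-04-03T00:57:58.000Z"}]}}
""")


def parse_ts(ts):
    """Parse the page's timestamp format, e.g. 2024-04-16T06:55:08.000Z."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S.%fZ")


def triage(response, min_severity=2, rti_any=("Easy_Exploit", "Active_Attacks")):
    """Group open, non-suppressed findings by assetID."""
    if response.get("responseCode") != "SUCCESS":
        raise RuntimeError(f"API call failed: {response.get('responseMessage')}")
    assets = defaultdict(list)
    for v in response["easmVulnerabilityListData"]["vulnerabilities"]:
        if not v.get("found") or v.get("ignored") or v.get("disabled"):
            continue  # suppressed or no longer detected
        # Records without severity (as in the page's first samples) are skipped.
        if v.get("vulnStatus") == "FIXED" or v.get("severity", 0) < min_severity:
            continue
        if not set(v.get("rti", [])) & set(rti_any):
            continue
        seen = parse_ts(v["lastFoundDate"]) - parse_ts(v["firstFoundDate"])
        assets[v["assetID"]].append({"qid": v["qid"], "port": v.get("port"),
                                     "status": v.get("vulnStatus"),
                                     "days_seen": seen.days})
    # Assumption: hasMore == 1 means the result set continues past lastSeenId.
    return {"incomplete": bool(response.get("hasMore")), "assets": dict(assets)}
```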