Patch Management Release 3.8 API
July 4, 2025
Before understanding the API release highlights, learn more about the API server URL to be used in your API requests by referring to the Know Your Qualys API Server URL section. For this API Release Notes, <qualys_base_url> is mentioned in the sample API requests.
New API: Get List of Fix Based Mitigations
| New or Updated API | New |
| API Endpoint | /mtg/v1/vulnerabilities/mitigations |
| Method | POST |
| DTD or XSD changes | Not Applicable |
We have introduced a new Get List of Fix based Mitigations API that provides a list of fix-based mitigations with CVE and mitigation details for Windows and Linux platforms.
Input ParametersInput Parameters
|
Parameter |
Mandatory/ |
Data Type |
Description |
|---|---|---|---|
| pageNumber | Optional | Number | Specify the page number. |
| pageSize | Optional | Number | Specify the page size. The maximum page size allowed is 200. |
| qids | Optional | Number | Specify the QID to filter the list. |
| platform | Optional | String | Specify the platform type. For example, Windows, Linux. |
| implication | Optional | String |
Specify the implication type in capital letters.
Only FIX type mitigation is supported. The value is case sensitive. |
Sample - Get List of Fix based mitigations for Windows and Linux (without filter)Sample - Get List of Fix based mitigations for Windows and Linux (without filter)
This API provides a list of all QIDs with FIX type implication for Windows and Linux platforms. The maximum page size is 200.
API Request
curl -X 'POST' \
'<quayls_base_url>/mtg/v1/vulnerabilities/mitigations' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT_Token>\
-H 'Content-Type: application/json' \
-d '{}' API Response
[
{
"qid": 511693,
"vulnMitigation": {
"Linux": {
"scriptBased": {
"CVE-2019-9516": [
{
"mitigationId": "01914b7b-58af-73cf-b305-0386a423d5cc",
"mitigationType": "Enforce System Hardening",
"mitigationCategory": null,
"description": "To remove the nghttp2 package on Debian, sudo apt purge command is used on: nghttp2. On RHEL, sudo yum remove command is used on: nghttp2. This process ensures the package and its dependencies are completely removed from the system.",
"impactFactor": 100,
"isDefault": false,
"implication": "FIX"
}
],
"CVE-2019-9513": [
{
"mitigationId": "01914b66-695a-716a-9689-88a9704d3406",
"mitigationType": "Enforce System Hardening",
"mitigationCategory": null,
"description": "To remove the nghttp2 package on Debian, sudo apt purge command is used on: nghttp2. On RHEL, sudo yum remove command is used on: nghttp2. This process ensures the package and its dependencies are completely removed from the system.",
"impactFactor": 100,
"isDefault": false,
"implication": "FIX"
}
]
}
}
}
},
{
"qid": 378079,
"vulnMitigation": {
"Windows": {
"scriptBased": {
"CVE-2023-22883": [
{
"mitigationId": "0fc55933-2421-4d73-a7ae-9c97fd0860eb",
"mitigationType": "Install Update",
"mitigationCategory": null,
"description": "The signature updates Zoom to the latest version. Note If Zoom is installed in the user space, it will first uninstall it and then install the latest version for all users.",
"impactFactor": 0,
"isDefault": true,
"implication": "FIX"
}
]
}
}
}
}
]
Sample - Get List of Fix based mitigations for Windows (with filter)Sample - Get List of Fix based mitigations for Windows (with filter)
API Request
curl -X 'POST' \
'<qualys_base_url>/mtg/v1/vulnerabilities/mitigations' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT_Token>' \
-H 'Content-Type: application/json' \
-d '{
"pageNumber": 0,
"pageSize": 2,
"qids": [],
"platform": [
"Windows"
],
"implication": [
"FIX"
]
}'API Response
[
{
"qid": 92163,
"vulnMitigation": {
"Windows": {
"scriptBased": {
"CVE-2024-38177": [
{
"mitigationId": "93e31bb0-447c-465a-94d3-c5e42f09687b",
"mitigationType": "Install Update",
"mitigationCategory": null,
"description": "The signature will install the latest version of Windows App Installer.",
"impactFactor": 100,
"isDefault": true,
"implication": "FIX"
}
]
}
}
}
},
{
"qid": 370177,
"vulnMitigation": {
"Windows": {
"scriptBased": {
"CVE-2016-7855": [
{
"mitigationId": "2c92f84d-b99c-47bd-b5a8-5b46e148788f",
"mitigationType": "Uninstall EOL",
"mitigationCategory": null,
"description": "Adobe no longer supports Flash Player after December 31, 2020 and blocked Flash content from running in Flash Player beginning January 12, 2021, Adobe strongly recommends all users immediately uninstall Flash Player to help protect their systems. This script checks for Adobe Flash Player and if found installed, it proceeds to uninstall it.",
"impactFactor": 0,
"isDefault": true,
"implication": "FIX"
}
]
}
}
}
}
]
Sample - Get List of Fix based mitigations with specific QIDsSample - Get List of Fix based mitigations with specific QIDs
API Request
curl -X 'POST' \
'<qualys_base_url>/mtg/v1/vulnerabilities/mitigations' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT_Token>' \
-H 'Content-Type: application/json' \
-d '{
"pageNumber": 0,
"pageSize": 10,
"qids": [379939,105511],
"platform": [
"Windows"
],
"implication": [
"FIX"
]
}'API Response
[
{
"qid": 105511,
"vulnMitigation": {
"Windows": {
"scriptBased": {
"105511": [
{
"mitigationId": "4f45f994-2a2a-4ead-ac03-ece2278751ee",
"mitigationType": "Uninstall EOL",
"mitigationCategory": null,
"description": "Adobe Reader 9.x installed. Adobe ended support for Adobe Reader 9.x on June 26, 2013 and provides no further updates. The script checks the installed version of Adobe Reader, and if it matches any of the affected versions, it proceeds to uninstall it.",
"impactFactor": 0,
"isDefault": true,
"implication": "FIX"
}
]
}
}
}
},
{
"qid": 379939,
"vulnMitigation": {
"Windows": {
"scriptBased": {
"CVE-2024-27239": [
{
"mitigationId": "9a3e1c8e-7ff1-4f3a-8f1e-3c762f3628d3",
"mitigationType": "Uninstall Plugin",
"mitigationCategory": null,
"description": "The signature will remove vulnerable Zoom VDI plugins. Note: Use this signature only when the vulnerability detection is based on Zoom VDI.",
"impactFactor": 0,
"isDefault": false,
"implication": "FIX"
}
],
"CVE-2024-27246": [
{
"mitigationId": "0fc55933-2421-4d73-a7ae-9c97fd0860eb",
"mitigationType": "Install Update",
"mitigationCategory": null,
"description": "The signature updates Zoom to the latest version. Note If Zoom is installed in the user space, it will first uninstall it and then install the latest version for all users.",
"impactFactor": 0,
"isDefault": true,
"implication": "FIX"
}
],
"CVE-2024-27245": [
{
"mitigationId": "0fc55933-2421-4d73-a7ae-9c97fd0860eb",
"mitigationType": "Install Update",
"mitigationCategory": null,
"description": "The signature updates Zoom to the latest version. Note If Zoom is installed in the user space, it will first uninstall it and then install the latest version for all users.",
"impactFactor": 0,
"isDefault": true,
"implication": "FIX"
}
]
}
}
}
}
]New API: Create On-Demand Mitigation Job
| New or Updated API | New |
| API Endpoint | /mtg/v1/deploymentjob |
| Method | POST |
| DTD or XSD changes | Not Applicable |
We have introduced a new Create On-Demand Mitigation Job API that is used to create on-demand Windows and Linux mitigation jobs.
Sample - Create Windows On-Demand Mitigation JobSample - Create Windows On-Demand Mitigation Job
API Request
curl -X 'POST' \
'<qualys_base_url>/mtg/v1/deploymentjob' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT_Token>' \
-H 'Content-Type: application/json' \
-d 'API Body
{
"qids": [
378985,
90044
],
"assetTagIds": [
"576b4fab-2682-433e-b3e6-c4ea9861ae75",
"2f0abeac-8fe5-48a0-aef8-c25bb98ec6f8"
],
"name": "MTG_WINDOWS_ONDEMAND_DEMO",
"description": "Test Mitigation Job",
"scheduleType": "On-demand",
"schemaVersion": "1.0",
"startDateTime": null,
"status": "Enabled",
"timezone": null,
"timezoneType": null,
"type": "Install",
"filterType": "Any",
"exclusionFilterType": "Any",
"exclusionTagIds": [
"9947851b-017f-4df5-8831-5073392a51c2"
],
"matchAllTagIds": [],
"coAuthorUserIds": [
"430c474e-2309-47bf-832b-a6e5685c3866"
],
"platform": "Windows",
"notification": {
"notificationTypes": {
"email": true
},
"notificationConfigs": {
"recipientEmails": "johnd@qualys.com,danielm@qualys.com",
"completedPercentage": 80
},
"notificationEvents": {
"onJobStart": true,
"onJobComplete": true
}
}
}API Response
{
"customerId": "bbb55e58-b06f-fd7b-81b8-92a7c5407282",
"id": "72a50f23-d80d-4abf-84ff-4509ba17b732",
"schemaVersion": "1.0",
"name": "MTG_WINDOWS_ONDEMAND_DEMO",
"description": "Test Mitigation Job",
"type": "Install",
"status": "Enabled",
"assetIds": null,
"coAuthorUserIds": [
"430c474e-2309-47bf-832b-a6e5685c3866"
],
"scheduleType": "On-demand",
"startDateTime": "2025-7-01 09:57:18 AM",
"recurring": false,
"timezoneType": "SPECIFIC_TZ",
"timezone": "UTC",
"createdBy": {
"user": {
"id": "b0f469fe-8f5e-f169-80e1-95e8a728bb5d",
"name": "quaysxkm35",
"fullName": "John Doe"
},
"date": 1751363834317
},
"updatedBy": {
"user": null,
"date": null
},
"deletedBy": {
"user": null,
"date": null
},
"assetCount": null,
"taggedAssetCount": 0,
"applicableAssetCount": 0,
"totalAssetCount": null,
"assetResultReceivedCount": null,
"jobCategory": 3,
"jobTriggerStatus": null,
"completionPercent": null,
"jobSource": 3,
"readOnly": false,
"subCategory": "Mitigation",
"platform": "Windows",
"assetTagIds": [
"576b4fab-2682-433e-b3e6-c4ea9861ae75",
"2f0abeac-8fe5-48a0-aef8-c25bb98ec6f8"
],
"matchAllTagIds": [],
"exclusionTagIds": [
"9947851b-017f-4df5-8831-5073392a51c2"
],
"exclusionAssetIds": [],
"filterType": "Any",
"exclusionFilterType": "Any",
"notification": {
"notificationTypes": {
"email": true
},
"notificationConfigs": {
"recipientEmails": "johnd@qualys.com,danielm@qualys.com",
"completedPercentage": "80"
},
"notificationEvents": {
"onJobStart": true,
"onJobComplete": true
}
},
"assetDetectionsQQL": "tags.uuid: [576b4fab-2682-433e-b3e6-c4ea9861ae75,2f0abeac-8fe5-48a0-aef8-c25bb98ec6f8] AND not tags.uuid: [9947851b-017f-4df5-8831-5073392a51c2] AND trackingMethod:QAGENT",
"preDeployActions": [
{
"actionId": "eb0c59e8-78eb-4f0d-9225-4fd7fe3b558e",
"action": "Apply Mitigation",
"actionType": "predeploy",
"params": {
"timeout": 180,
"mitigationCategory": "Script-based Virtual Patch",
"qid": 378985,
"qidDetectionId": 0,
"hostVulnId": 0
},
"mitigationList": [
{
"cves": [
"CVE-2016-2183"
],
"mitigationId": "3f3d2fae-96ec-4d73-83d6-3cf0264ac1dc",
"mitigationType": "Modify registry",
"carScriptId": 226363191,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 0,
"implication": 1
}
],
"actionLinkedToJob": false
},
{
"actionId": "684162a0-2ce5-46ad-9ea6-56e8a2dd1e47",
"action": "Apply Mitigation",
"actionType": "predeploy",
"params": {
"timeout": 180,
"mitigationCategory": "Script-based Virtual Patch",
"qid": 90044,
"qidDetectionId": 0,
"hostVulnId": 0
},
"mitigationList": [
{
"cves": [
"90044"
],
"mitigationId": "414d7f53-1409-4045-ba3d-7e71ef39abfb",
"mitigationType": "Modify registry",
"carScriptId": 494972837,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 0,
"implication": 1
}
],
"actionLinkedToJob": false
}
],
"postDeployActions": null,
"vulnQQL": "vulnerabilities.vulnerability.qid:[378985, 90044]"
}New API: Create Run Once Mitigation Job
| New or Updated API | New |
| API Endpoint | /mtg/v1/deploymentjob |
| Method | POST |
| DTD or XSD changes | Not Applicable |
We have introduced a new Create Run Once Mitigation Job API that is used to create the run once Windows and Linux mitigation jobs.
Sample - Create Windows Run Once Mitigation JobSample - Create Windows Run Once Mitigation Job
API Request
curl -X 'POST' \
'<qualys_base_url>/mtg/v1/deploymentjob' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT_Token>' \
-H 'Content-Type: application/json' \
-d 'API Body
{
"qids": [378985,90044],
"assetTagIds": [
"576b4fab-2682-433e-b3e6-c4ea9861ae75", "2f0abeac-8fe5-48a0-aef8-c25bb98ec6f8"
],
"name": "MTG_WINDOWS_RUNONCE_DEMO",
"description": "Test Mitigation Job",
"scheduleType": "Once",
"schemaVersion": "1.0",
"startDateTime": "2025-07-01 03:37:00 PM",
"status": "Enabled",
"timezone": "Asia/Kolkata",
"timezoneType": "SPECIFIC_TZ",
"type": "Install",
"filterType": "Any",
"exclusionFilterType": "Any",
"exclusionTagIds": ["9947851b-017f-4df5-8831-5073392a51c2"],
"matchAllTagIds": [],
"coAuthorUserIds": ["430c474e-2309-47bf-832b-a6e5685c3866"],
"exclusionAssetIds": [],
"platform": "Windows",
"notification": {
"notificationTypes": {
"email": true
},
"notificationConfigs": {
"recipientEmails": "johnd@qualys.com,danielm@qualys.com",
"completedPercentage": 80
},
"notificationEvents": {
"onJobStart": true,
"onJobComplete": true
}
}
}'API Response
{
"customerId": "bbb55e58-b06f-fd7b-81b8-92a7c5407282",
"id": "2278d48d-1d8c-46ed-a66f-612779b67cb9",
"schemaVersion": "1.0",
"name": "MTG_WINDOWS_RUNONCE_DEMO",
"description": "Test Mitigation Job",
"type": "Install",
"status": "Enabled",
"coAuthorUserIds": [
"430c474e-2309-47bf-832b-a6e5685c3866"
],
"scheduleType": "Once",
"startDateTime": "2025-07-01 03:37:00 PM",
"recurring": false,
"timezoneType": "SPECIFIC_TZ",
"timezone": "Asia/Kolkata",
"createdBy": {
"user": {
"id": "b0f469fe-8f5e-f169-80e1-95e8a728bb5d",
"name": "quaysxkm35",
"fullName": "John Doe"
},
"date": 1751364352541
},
"updatedBy": {
"user": null,
"date": null
},
"deletedBy": {
"user": null,
"date": null
},
"assetCount": null,
"taggedAssetCount": 0,
"applicableAssetCount": 0,
"totalAssetCount": null,
"assetResultReceivedCount": null,
"jobCategory": 3,
"jobTriggerStatus": null,
"completionPercent": null,
"jobSource": 3,
"readOnly": false,
"subCategory": "Mitigation",
"platform": "Windows",
"assetTagIds": [
"576b4fab-2682-433e-b3e6-c4ea9861ae75",
"2f0abeac-8fe5-48a0-aef8-c25bb98ec6f8"
],
"matchAllTagIds": [],
"exclusionTagIds": [
"9947851b-017f-4df5-8831-5073392a51c2"
],
"filterType": "Any",
"exclusionFilterType": "Any",
"notification": {
"notificationTypes": {
"email": true
},
"notificationConfigs": {
"recipientEmails": "johnd@qualys.com,danielm@qualys.com",
"completedPercentage": "80"
},
"notificationEvents": {
"onJobStart": true,
"onJobComplete": true
}
},
"assetDetectionsQQL": "tags.uuid: [576b4fab-2682-433e-b3e6-c4ea9861ae75,2f0abeac-8fe5-48a0-aef8-c25bb98ec6f8] AND not tags.uuid: [9947851b-017f-4df5-8831-5073392a51c2] AND trackingMethod:QAGENT",
"preDeployActions": [
{
"actionId": "78ad97fc-d8fe-4aa1-b42b-7c65f609a931",
"action": "Apply Mitigation",
"actionType": "predeploy",
"params": {
"timeout": 180,
"mitigationCategory": "Script-based Virtual Patch",
"qid": 378985,
"qidDetectionId": 0,
"hostVulnId": 0
},
"mitigationList": [
{
"cves": [
"CVE-2016-2183"
],
"mitigationId": "3f3d2fae-96ec-4d73-83d6-3cf0264ac1dc",
"mitigationType": "Modify registry",
"carScriptId": 226363191,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 0,
"implication": 1
}
],
"actionLinkedToJob": false
},
{
"actionId": "61db088e-5fe5-47a4-bac2-f0bd0459b832",
"action": "Apply Mitigation",
"actionType": "predeploy",
"params": {
"timeout": 180,
"mitigationCategory": "Script-based Virtual Patch",
"qid": 90044,
"qidDetectionId": 0,
"hostVulnId": 0
},
"mitigationList": [
{
"cves": [
"90044"
],
"mitigationId": "414d7f53-1409-4045-ba3d-7e71ef39abfb",
"mitigationType": "Modify registry",
"carScriptId": 494972837,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 0,
"implication": 1
}
],
"actionLinkedToJob": false
}
],
"postDeployActions": null,
"vulnQQL": "vulnerabilities.vulnerability.qid:[378985, 90044]"
}New API: Update On-Demand Mitigation Job
| New or Updated API | New |
| API Endpoint | /mtg/v1/deploymentjob/{deploymentJobId} |
| Method | POST |
| DTD or XSD changes | Not Applicable |
We have introduced a new Update On-Demand Mitigation Job API that is used to update the on-demand Windows and Linux mitigation jobs.
Input ParametersInput Parameters
|
Parameter |
Mandatory/ |
Data Type |
Description |
|---|---|---|---|
| deploymentJobId | Mandatory | String | Specify the job ID. |
Sample - Update Windows on-demand mitigation JobSample - Update Windows on-demand mitigation Job
API Request
curl -X 'PATCH' \
'<qualys>/mtg/v1/deploymentjob/4730541c-091e-443c-95d3-c8a6f34bc4bd' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT_Token>' \
-H 'Content-Type: application/json' \
-d API Body
{
"qids": [
378985,
90044,
105965
],
"assetTagIds": [
"576b4fab-2682-433e-b3e6-c4ea9861ae75",
"2f0abeac-8fe5-48a0-aef8-c25bb98ec6f8"
],
"name": "MTG_WINDOWS_ONDEMAND_DEMO",
"description": "Test Mitigation Job",
"scheduleType": "On-demand",
"schemaVersion": "1.0",
"startDateTime": null,
"status": "Disabled",
"timezone": null,
"timezoneType": null,
"type": "Install",
"filterType": "Any",
"exclusionFilterType": "Any",
"exclusionTagIds": [
"9947851b-017f-4df5-8831-5073392a51c2"
],
"matchAllTagIds": [],
"coAuthorUserIds": [
"430c474e-2309-47bf-832b-a6e5685c3866"
],
"platform": "Windows",
"notification": {
"notificationTypes": {
"email": true
},
"notificationConfigs": {
"recipientEmails": "j@qualys.com",
"completedPercentage": 80
},
"notificationEvents": {
"onJobStart": true,
"onJobComplete": true
}
}
}API Response
{
"customerId": "bbb55e58-b06f-fd7b-81b8-92a7c5407282",
"id": "4730541c-091e-443c-95d3-c8a6f34bc4bd",
"schemaVersion": "1.0",
"name": "MTG_WINDOWS_ONDEMAND_DEMO",
"description": "Test Mitigation Job",
"type": "Install",
"status": "Disabled",
"assetIds": null,
"coAuthorUserIds": [
"430c474e-2309-47bf-832b-a6e5685c3866"
],
"scheduleType": "On-demand",
"startDateTime": null,
"recurring": false,
"timezoneType": null,
"timezone": null,
"createdBy": null,
"updatedBy": {
"user": {
"id": "b0f469fe-8f5e-f169-80e1-95e8a728bb5d",
"name": "quaysxkm35",
"fullName": null
},
"date": 1751382808261
},
"deletedBy": null,
"assetCount": null,
"taggedAssetCount": 0,
"applicableAssetCount": 0,
"totalAssetCount": null,
"assetResultReceivedCount": null,
"jobCategory": 3,
"jobTriggerStatus": null,
"completionPercent": null,
"jobSource": 3,
"readOnly": false,
"subCategory": "Mitigation",
"platform": "Windows",
"assetTagIds": [
"576b4fab-2682-433e-b3e6-c4ea9861ae75",
"2f0abeac-8fe5-48a0-aef8-c25bb98ec6f8"
],
"matchAllTagIds": [],
"exclusionTagIds": [
"9947851b-017f-4df5-8831-5073392a51c2"
],
"exclusionAssetIds": null,
"filterType": "Any",
"exclusionFilterType": "Any",
"notification": {
"notificationTypes": {
"email": true
},
"notificationConfigs": {
"recipientEmails": "johnd@qualys.com",
"completedPercentage": "80"
},
"notificationEvents": {
"onJobStart": true,
"onJobComplete": true
}
},
"assetDetectionsQQL": "tags.uuid: [576b4fab-2682-433e-b3e6-c4ea9861ae75,2f0abeac-8fe5-48a0-aef8-c25bb98ec6f8] AND not tags.uuid: [9947851b-017f-4df5-8831-5073392a51c2] AND trackingMethod:QAGENT",
"preDeployActions": [
{
"actionId": "316b89a8-6189-40cb-9115-626a0dd9b55b",
"action": "Apply Mitigation",
"actionType": "predeploy",
"params": {
"timeout": 180,
"mitigationCategory": "Script-based Virtual Patch",
"qid": 378985,
"qidDetectionId": 0,
"hostVulnId": 0
},
"mitigationList": [
{
"cves": [
"CVE-2016-2183"
],
"mitigationId": "3f3d2fae-96ec-4d73-83d6-3cf0264ac1dc",
"mitigationType": "Modify registry",
"carScriptId": 226363191,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 0,
"implication": 1
}
],
"actionLinkedToJob": false
},
{
"actionId": "a607b08d-4ea9-40cf-ac46-fd39f8a1b594",
"action": "Apply Mitigation",
"actionType": "predeploy",
"params": {
"timeout": 180,
"mitigationCategory": "Script-based Virtual Patch",
"qid": 105965,
"qidDetectionId": 0,
"hostVulnId": 0
},
"mitigationList": [
{
"cves": [
"105965"
],
"mitigationId": "ce7eb2cf-61c4-4362-9523-349eb8e1e7da",
"mitigationType": "Uninstall EOL",
"carScriptId": 2099399004,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 0,
"implication": 1
}
],
"actionLinkedToJob": false
},
{
"actionId": "e6a1950e-fec1-427e-82cc-134e9d2b5647",
"action": "Apply Mitigation",
"actionType": "predeploy",
"params": {
"timeout": 180,
"mitigationCategory": "Script-based Virtual Patch",
"qid": 90044,
"qidDetectionId": 0,
"hostVulnId": 0
},
"mitigationList": [
{
"cves": [
"90044"
],
"mitigationId": "414d7f53-1409-4045-ba3d-7e71ef39abfb",
"mitigationType": "Modify registry",
"carScriptId": 494972837,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 0,
"implication": 1
}
],
"actionLinkedToJob": false
}
],
"postDeployActions": null,
"vulnQQL": "vulnerabilities.vulnerability.qid:[378985, 105965, 90044]"
}New API: Get Mitigation Deployment Job Result Summary
| New or Updated API | New |
| API Endpoint | mtg/v1/deploymentjob/{deploymentJobId}/deploymentjobresult/summary |
| Method | POST |
| DTD or XSD changes | Not Applicable |
We have introduced a new get Mitigation Deployment Job Result Summary for the specified job ID. This API provides a detailed summary of the job result for the given job ID.
Input ParametersInput Parameters
|
Parameter |
Mandatory/ |
Data Type |
Description |
|---|---|---|---|
| deploymentJobId | Mandatory | String | Specify the job Id. |
| pageNumber | Optional | Number | Specify the page number. The page number starts from 0. |
| pageSize | Optional | Number | Specify the page size. The page size is the number of rows returned per page. The default page size is 10. |
| sort | Optional | String | Specify the fields for sorting. The format is JSON. For example, [{"status":"asc"}] |
Sample - Get mitigation job result summarySample - Get mitigation job result summary
API Request
curl -X 'POST' \
'<qualys_base_url>/mtg/v1/deploymentjob/fa078690-2829-4724-9954-c7e51c0078b0/deploymentjobresult/summary \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT_Token>' \
-H 'Content-Type: application/json' \
-d '{"query":"assetName:'\''Mock_Windows2'\''"}'API Body
'{"query":"assetName:'\''Mock_Windows2'\''"}'API Response
{
"id": "fa078690-2829-4724-9954-c7e51c0078b0",
"name": "RISKELIMINATIONMITIGATENOW_1748511622702",
"assetCount": 1,
"createdBy": "quays_zy52",
"createdOn": 1748511855546,
"assets": [
{
"asset": {
"id": "5b365616-9c57-4225-a16b-dea69b143a77",
"name": "Mock_Windows2",
"operatingSystem": "Microsoft Windows Server 2012 R2 Standard 6.3.9600 64-bit N/A Build 9600",
"tags": [
{
"id": "909075bb-a86b-4bfc-8936-2644f5b66ff6",
"name": null
}
],
"lastLoggedOnUser": "",
"jobInstanceId": 1,
"interfaces": [
{
"interfaceName": null,
"macAddress": null,
"address": "1x.xxx.xx.xx5",
"gatewayAddress": null
}
]
},
"endDateTime": 1751198812665,
"startDateTime": 1751198786098,
"statusDateTime": 1751198812665,
"status": "Completed With Failure",
"statusCode": "20361",
"jobSentOn": 0,
"skipped": null,
"failedActionsCount": 1,
"successfulActionsCount": 0,
"skippedActionsCount": 0,
"partialActionsCount": 0,
"interimResultStatus": null,
"scanDateTime": 1750853212665,
"osIdentifier": "WINDOWS"
}
]
}New API: Get Mitigation Deployment Job Action Result By Job ID
| New or Updated API | New |
| API Endpoint | /mtg/v1/deploymentjob/{deploymentJobId}/deploymentjobresult/actions |
| Method | POST |
| DTD or XSD changes | Not Applicable |
We have introduced a new Get Mitigation Deployment Job Action Result by Job ID API that fetches the results of the job action for the specified job ID.
Input ParametersInput Parameters
|
Parameter |
Mandatory/ |
Data Type |
Description |
|---|---|---|---|
| agentUUID | Mandatory | String | Specify the agent UUID. |
| endDateTime | Mandatory | Integer |
Specify the endDateTime. Example, "endDateTime": 1751198812665 You can get the endDateTime from the response of Get Mitigation Deployment Job Result Summary API. |
| pageNumber | Optional | Number | Specify the page number. The page number starts from 0. |
| pageSize | Optional | Number | Specify the page size. The page size is the number of rows returned per page. The default page size is 10. |
| deploymentjobid | Mandatory | String | Specify the deployment ID. |
Sample - Get mitigation job action result by job IDSample - Get mitigation job action result by job ID
API Request
curl -X 'POST' \
'<qualys_base_url>/mtg/v1/deploymentjob/fa078690-2829-4724-9954-c7e51c0078b0/deploymentjobresult/actions?agentUUID=5b365616-9c57-4225-a16b-dea69b143a77&endDateTime=1751198812665' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT_Token>' \
-H 'Content-Type: application/json' \
-d 'API Body
{
"query": "actionStatus:[Succeeded,Failed,Skipped,Partial]"
}
API Response
[
{
"id": "bcbad0d7-48b9-4219-b7e3-144ba33ab8f1",
"actionType": "Pre-action",
"action": "Apply Mitigation",
"params": {
"actionItem": "379223Win19-8",
"hostVulnId": "79369755",
"mitigationCategory": "Virtual Patching",
"qid": "90043",
"qidDetectionId": "278889858",
"timeout": "180",
"qidTitle": "SMB Signing Disabled or SMB Signing Not Required",
"qds": "35",
"detectionScoreMax": "35",
"detectionScoreMin": "35"
},
"errorMessage": "Internal Server Error",
"returnCode": 101,
"statusCode": 101,
"mitigationList": [
{
"mitigationId": "26107aea-e566-4ced-afbf-3aa0e596079c",
"mitigationType": "DUMMY SCRIPT",
"impactFactor": 15,
"implication": 0,
"cves": [
"CVE-2023-24882"
],
"args": [
{
"argName": "port",
"argValue": "80"
}
],
"status": "Failed",
"errorCode": 101,
"errorMessage": "Internal Server Error"
}
],
"qidProperties": {
"port": [
"80"
]
}
},
{
"id": "d73b5ee2-ce9c-4b1f-a510-37ff9bc232d6",
"actionType": "Pre-action",
"action": "Apply Mitigation",
"params": {
"actionItem": "91996Win19-8",
"hostVulnId": "79369755",
"mitigationCategory": "Virtual Patching",
"qid": "90044",
"qidDetectionId": "278889858",
"timeout": "180",
"qidTitle": "Allowed Null Session",
"qds": "37",
"detectionScoreMax": "37",
"detectionScoreMin": "36"
},
"errorMessage": "Internal Server Error",
"returnCode": 2,
"statusCode": 2,
"mitigationList": [
{
"mitigationId": "414d7f53-1409-4045-ba3d-7e71ef39abfb",
"mitigationType": "DUMMY SCRIPT",
"impactFactor": 15,
"implication": 0,
"cves": [
"CVE-2022-41125"
],
"args": [
{
"argName": "port",
"argValue": "80"
}
],
"status": "Succeeded",
"errorCode": 0,
"errorMessage": "Internal Server Error"
},
{
"mitigationId": "270b9309-0f35-43e4-98a0-d14205842a25",
"mitigationType": "Disable Feature",
"impactFactor": 25,
"implication": 0,
"cves": [
"CVE-2022-41128"
],
"args": [
{
"argName": "port",
"argValue": "80"
},
{
"argName": "port",
"argValue": "90"
},
{
"argName": "Software",
"argValue": "Chrome"
}
],
"status": "Failed",
"errorCode": 101
}
],
"qidProperties": {
"port": [
"90",
"80"
],
"Software": [
"Chrome"
]
}
}
]New API: Get List of All Mitigation Deployment Jobs
| New or Updated API | New |
| API Endpoint | mtg/v1/deploymentjobs |
| Method | GET |
| DTD or XSD changes | Not Applicable |
We have introduced a new Get List of All Mitigation Deployment Jobs API for the specified platform. This API fetches the list of all mitigation jobs for Windows or Linux platforms.
Input ParametersInput Parameters
|
Parameter |
Mandatory/ |
Data Type |
Description |
|---|---|---|---|
| filter | Optional | String | Specify the filters. You can filter the responses by id, name, type, status and so on. |
| pageSize | Optional | Number | Specify the page size. The page size is the number of rows returned per page. The default page size is 10. |
| pageNumber | Optional | Number | Specify the page number. The page number starts from 0. |
| sort | Optional | String | Specify the fields for sorting. The format is JSON. For example, [{"status":"asc"}] |
| attributes | Optional | String | Specify the comma seperated string of attributes to be fetched, such as name, type, status and so on. |
| ownedJob | Optional | Boolean | Specify the value true or false. By default the value is false. It displays the jobs for which the user is a co-author. |
| platform | Mandatory | String | Specify the platform. Example, Linux. If no value is specified, the response displays the Windows platform output by default. |
Sample - Get list of all mitigation deployment jobs for windowsSample - Get list of all mitigation deployment jobs for windows
API Request
curl -X
'GET' '<qualys_base_url>/mtg/v1/deploymentjobs?ownedJob=false&coauthorJob=false&platform=Windows' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT_Token>'API Response
[
{
"id": "df1057bc-86cf-4782-9ef4-5aa0824f6775",
"customerId": "bbb55e58-b06f-fd7b-81b8-92a7c5407282",
"schemaVersion": "1.0",
"name": "RISKELIMINATIONMITIGATENOW_1751034523691",
"type": "Install",
"status": "Disabled",
"timezone": "UTC",
"scheduleType": "On-demand",
"startDateTime": "2025-6-27 02:28:54 PM",
"isRecurring": false,
"timezoneType": "SPECIFIC_TZ",
"deleted": false,
"updated": null,
"created": {
"user": {
"id": "f080cf76-0de1-fd80-826c-ea22cf7da868",
"name": "quaysxkm30",
"fullName": "John Doe"
},
"date": 1751034534477
},
"assetCount": null,
"applicableAssetCount": 2,
"taggedAssetCount": 0,
"coAuthorUserIds": [],
"category": 3,
"jobSource": 2,
"subCategory": "Mitigation",
"triggerStatus": 0,
"platform": "Windows",
"filterType": "Any",
"exclusionFilterType": "Any",
"assets": [],
"tags": [
{
"id": "576b4fab-2682-433e-b3e6-c4ea9861ae75",
"name": "Cloud Agent"
}
],
"matchAllTags": [],
"exclusionTags": [],
"exclusionAssetIds": [],
"dayOfMonth": null,
"nextScheduleDateTime": null,
"lastScheduleDateTime": null,
"assetDetectionsQQL": "(tags.uuid: [576b4fab-2682-433e-b3e6-c4ea9861ae75])",
"mitigationActionCount": 1,
"vulnQQL": "vulnerabilities.qualysMitigable:TRUE and vulnerabilities.qualysMitigableType:Fix and (vulnerabilities.vulnerability:(threatIntel.malware:True or threatIntel.activeAttacks:True or threatIntel.exploitKit:True or threatIntel.wormable:True)) and (vulnerabilities.nonRunningKernel: FALSE and vulnerabilities.nonExploitableService:FALSE and vulnerabilities.nonExploitableConfig:FALSE) and vulnerabilities.typeDetected: [Confirmed] and vulnerabilities.vulnerability.qid:[379223]"
},
{
"id": "dd085cbf-58c1-4344-bc6c-a607b66561d7",
"customerId": "bbb55e58-b06f-fd7b-81b8-92a7c5407282",
"schemaVersion": "1.0",
"name": "MTG_3",
"type": "Install",
"status": "Disabled",
"timezone": "UTC",
"scheduleType": "On-demand",
"startDateTime": "2025-6-27 02:50:12 PM",
"isRecurring": false,
"timezoneType": "SPECIFIC_TZ",
"deleted": false,
"updated": null,
"created": {
"user": {
"id": "f080cf76-0de1-fd80-826c-ea22cf7da868",
"name": "quaysxkm30",
"fullName": "John Doe"
},
"date": 1751035812028
},
"assetCount": null,
"applicableAssetCount": 2,
"taggedAssetCount": 0,
"coAuthorUserIds": [],
"category": 3,
"jobSource": 3,
"subCategory": "Mitigation",
"triggerStatus": 0,
"platform": "Windows",
"filterType": "Any",
"exclusionFilterType": "Any",
"assets": [
{
"id": "0d8d1b3e-148c-43e7-b155-8cc3de731878",
"name": null
}
],
"tags": [
{
"id": "9947851b-017f-4df5-8831-5073392a51c2",
"name": "Test1"
}
],
"matchAllTags": [],
"exclusionTags": [],
"exclusionAssetIds": [],
"dayOfMonth": null,
"nextScheduleDateTime": null,
"lastScheduleDateTime": null,
"assetDetectionsQQL": "(tags.uuid: [9947851b-017f-4df5-8831-5073392a51c2]) OR (agentId: [0d8d1b3e-148c-43e7-b155-8cc3de731878]) AND trackingMethod:QAGENT",
"mitigationActionCount": 2,
"vulnQQL": "vulnerabilities.vulnerability.qid:[378985, 90044]"
},
{
"id": "08ea46b0-99dd-440a-a6d3-d99bec11dac7",
"customerId": "bbb55e58-b06f-fd7b-81b8-92a7c5407282",
"schemaVersion": "1.0",
"name": "MTG_WINDOWS_ONDEMAND_DEMO-1",
"type": "Install",
"status": "Prepared",
"timezone": "UTC",
"scheduleType": "On-demand",
"startDateTime": "2025-7-01 10:02:41 AM",
"isRecurring": false,
"timezoneType": "SPECIFIC_TZ",
"deleted": false,
"updated": null,
"created": {
"user": {
"id": "b0f469fe-8f5e-f169-80e1-95e8a728bb5d",
"name": "quaysxkm35",
"fullName": "John Doe"
},
"date": 1751364158722
},
"assetCount": null,
"applicableAssetCount": 1,
"taggedAssetCount": 0,
"coAuthorUserIds": [
"430c474e-2309-47bf-832b-a6e5685c3866"
],
"category": 3,
"jobSource": 3,
"subCategory": "Mitigation",
"triggerStatus": 1,
"platform": "Windows",
"filterType": "All",
"exclusionFilterType": "All",
"assets": null,
"tags": [
{
"id": "2f0abeac-8fe5-48a0-aef8-c25bb98ec6f8",
"name": "Test2"
},
{
"id": "576b4fab-2682-433e-b3e6-c4ea9861ae75",
"name": "Cloud Agent"
}
],
"matchAllTags": [],
"exclusionTags": [
"9947851b-017f-4df5-8831-5073392a51c2"
],
"exclusionAssetIds": [],
"dayOfMonth": null,
"nextScheduleDateTime": null,
"lastScheduleDateTime": null,
"assetDetectionsQQL": "(tags.uuid:2f0abeac-8fe5-48a0-aef8-c25bb98ec6f8 AND tags.uuid:576b4fab-2682-433e-b3e6-c4ea9861ae75) AND not (tags.uuid:9947851b-017f-4df5-8831-5073392a51c2) AND trackingMethod:QAGENT",
"mitigationActionCount": 2,
"vulnQQL": "vulnerabilities.vulnerability.qid:[378985, 90044]"
}
]filterNew API: Delete Mitigation Deployment Jobs
| New or Updated API | New |
| API Endpoint | mtg/v1/deploymentjobs |
| Method | DELETE |
| DTD or XSD changes | Not Applicable |
We have introduced a new Delete Mitigation Deployment Jobs API that can be used to delete the specified mitigation jobs using the job IDs.
Sample - Delete mitigation deployment jobsSample - Delete mitigation deployment jobs
API Request
curl -X 'DELETE' \
'<qualys_base_url>/mtg/v1/deploymentjobs' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT_Token>' \
-H 'Content-Type: application/json' \
-d 'API Body
{ "ids": [ "df122402-076c-4a99-bf2a-f4ed3c2aa25f", "e24416bd-9202-4d14-8839-2a5dbd1784ee" ] }'
API Response
[
{
"id": "df122402-076c-4a99-bf2a-f4ed3c2aa25f",
"name": "MTG-WINDOWS-2",
"status": "success"
},
{
"id": "e24416bd-9202-4d14-8839-2a5dbd1784ee",
"name": "MTG_RUN_ONCE111",
"status": "success"
}
]
Updated API: Create Deployment Job API for Access Management
| New or Updated API | Updated |
| API Endpoint | /pm/v1/deploymentjob |
| Method | POST |
| DTD or XSD changes | Not Applicable |
With this release, we have added two new roles: Custom Access Manager and Patch Custom Access Manager. If the Custom Access Manager role is not assigned to the user, the user cannot add any co-authors to the patch deployment job.
Earlier, the user always had the permission to add the co-author role.
Updated ParametersUpdated Parameters
|
Updated Parameter |
Description |
|---|---|
| coAuthorUserId |
Specify the user IDs of the users that you need to add as co-authors to the job. If the users you specify as co-authors do not have the Custom Access Manager role assigned, the API response will display an Access Denied error. |
Sample - Create Patch Deployment JobSample - Create Patch Deployment Job
API Request
curl -X POST "<QualysBaseURL>/pm/v1/deploymentjob" -H "accept: application/json" -H "Authorization: Bearer <Jwt token>" { "name": "RBAC_CustomRole_job", "description": "dfsf", "type": "Install", "status": "Disabled", "assetIds": [ "798cae9b-e8b0-4b50-ac98-74754a80b618" ], "coAuthorUserIds": [ "ce0bb83b-e158-5a18-83b4-9dfc3079fe99", "cfdffb50-70ba-d175-8191-367e005fb948" ], "scheduleType": "Daily", "startDateTime": "2025-6-16 03:25:00 PM", "recurring": true, "timezoneType": "AGENT_TZ", "timezone": null, "assetCount": null, "taggedAssetCount": 0, "applicableAssetCount": 1, "totalAssetCount": null, "assetResultReceivedCount": null, "jobCategory": 3, "jobTriggerStatus": null, "completionPercent": null, "jobSource": 3, "readOnly": false, "subCategory": "Patch", "platform": "Windows", "assetTagIds": null, "matchAllTagIds": null, "exclusionTagIds": null, "exclusionAssetIds": null, "approvedPatches": null, "disabledPatches": null, "patchCount": 0, "recurringWeekDays": "", "dayOfMonth": null, "recurringDayOfMonth": null, "recurringWeekDayOfMonth": null, "timeout": -1, "timeoutUnit": "HOURS", "preDeployment": { "userMessage": "", "description": "", "deferment": { "count": 3, "interval": 1, "intervalUnit": "HOURS" } }, "duringDeployment": { "userMessage": "", "description": "" }, "postDeployment": { "suppressReboots": false, "rebootHonorOnUserLogin": false, "rebootOption": { "userMessage": "", "description": "", "deferment": { "count": 3, "interval": 1, "intervalUnit": "HOURS" } }, "rebootCountdown": { "interval": 15, "intervalUnit": "MINUTES", "userMessage": "", "description": "" }, "onComplete": { "userMessage": "", "description": "", "alwaysShowCompletedPrompt": false } }, "opportunisticDownloads": false, "filterType": "Any", "exclusionFilterType": "Any", "minimizeWindow": false, "dynamicPatchesQQL": "", "isDynamicPatchesQQL": false, "dynamicQQLType": 1, "assetDetectionsQQL": "", "continueOnPatchFailure": false, "preDeployActions": null, "postDeployActions": null, "monthlyRecurringType": null, "patchTuesdayPlusXDays": null, "recurringLastDayOfMonth": false, "notification": null, "linkedJobId": null, "linkedToJob": null, "linkedJobs": null, "jobStartCountdown": null, "passwordAction": null, "additionalDynamicQQLType": null, "additionalDynamicPatchesQQL": null, "downloadRandomizeTime": 0, "downloadRandomizeTimeUnit": "MINUTES", "customPatchURLId": null, "isVulnContext": false, "remediationQids": null, "isAssetImported": false, "enableReattemptFailedPatches": false, "reattemptFailedPatches": null, "allowExecutionWithPendingReboot": false }
API Response
Response Code : 403
Error: Forbidden
Response body:
{
"_error": {
"code": 403,
"message": "Access denied, permission to add job coauthors absent for user: 17fa81ef-904b-c390-8227-228c259739be, customer: ba8f205c-c6b1-4339-8230-582d346fb2cc"
}
}Updated API: Update Deployment Job API for Access Management
| New or Updated API | Updated |
| API Endpoint | /pm/v1/deploymentjob/update/{deploymentJobId} |
| Method | PATCH |
| DTD or XSD changes | Not Applicable |
With this release, we have added two new roles Custom Access Manager and Patch Custom Access Manager. If the Custom Access Manager role is not assigned to the user, the user cannot add any co-authors to the patch deployment job.
Earlier, the user always had the permission to add the co-author role.
Updated ParametersUpdated Parameters
|
Updated Parameter |
Description |
|---|---|
| coAuthorUserId |
Specify the user IDs of the users that you need to add as co-author's to the job. If the users you specify as co-authors do not have the Custom Access Manager role assigned, the API response will display an Access Denied error. |
Sample - Update Patch Deployment JobSample - Update Patch Deployment Job
API Request
curl -X PATCH
"https://<QualysBaseURL>/pm/v1/deploymentjob/update/16be09aa-5415-4a58-8295-8a4ac8db6f26"
-H "accept: application/json"
-H "Authorization: <<Jwt Token>>"
-H "Content-Type: application/json"
{
"name": "testRBACMSSP_job_edit_without_custom_role",
"description": "dfsf",
"type": "Install",
"status": "Disabled",
"coAuthorUserIds": [
"857df385-1ce2-4c06-8337-a771ff92085d",
"4631892c-3bb2-cbbe-83e8-605e88a54596",
"cfdffb50-70ba-d175-8191-367e005fb948"
],
"scheduleType": "Daily",
"startDateTime": "2025-6-16 03:25:00 PM",
"recurring": true,
"timezoneType": "AGENT_TZ",
"timezone": null,
"deletedBy": {
"user": null,
"date": null
},
"assetCount": null,
"taggedAssetCount": 0,
"applicableAssetCount": 1,
"totalAssetCount": null,
"assetResultReceivedCount": null,
"jobCategory": 3,
"jobTriggerStatus": null,
"completionPercent": null,
"jobSource": 3,
"readOnly": false,
"subCategory": "Patch",
"platform": "Windows",
"assetIds": [
"798cae9b-e8b0-4b50-ac98-74754a80b618"
],
"assetTagIds": null,
"matchAllTagIds": null,
"exclusionTagIds": null,
"exclusionAssetIds": null,
"approvedPatches": null,
"disabledPatches": null,
"patchCount": 0,
"recurringWeekDays": "",
"dayOfMonth": null,
"recurringDayOfMonth": null,
"recurringWeekDayOfMonth": null,
"timeout": -1,
"timeoutUnit": "HOURS",
"preDeployment": {
"userMessage": "",
"description": "",
"deferment": {
"count": 3,
"interval": 1,
"intervalUnit": "HOURS"
}
},
"duringDeployment": {
"userMessage": "",
"description": ""
},
"postDeployment": {
"suppressReboots": false,
"rebootHonorOnUserLogin": false,
"rebootOption": {
"userMessage": "",
"description": "",
"deferment": {
"count": 3,
"interval": 1,
"intervalUnit": "HOURS"
}
},
"rebootCountdown": {
"interval": 1,
"intervalUnit": "HOURS",
"userMessage": "",
"description": ""
},
"onComplete": {
"userMessage": "",
"description": "",
"alwaysShowCompletedPrompt": false
}
},
"opportunisticDownloads": false,
"filterType": "Any",
"exclusionFilterType": "Any",
"minimizeWindow": false,
"dynamicPatchesQQL": "",
"isDynamicPatchesQQL": false,
"dynamicQQLType": 1,
"assetDetectionsQQL": "",
"continueOnPatchFailure": false,
"preDeployActions": null,
"postDeployActions": null,
"monthlyRecurringType": null,
"patchTuesdayPlusXDays": null,
"recurringLastDayOfMonth": false,
"notification": null,
"linkedJobId": null,
"linkedToJob": null,
"linkedJobs": null,
"jobStartCountdown": null,
"passwordAction": null,
"additionalDynamicQQLType": null,
"additionalDynamicPatchesQQL": null,
"downloadRandomizeTime": 0,
"downloadRandomizeTimeUnit": "MINUTES",
"customPatchURLId": null,
"isVulnContext": false,
"remediationQids": null,
"isAssetImported": false,
"enableReattemptFailedPatches": false,
"reattemptFailedPatches": null,
"allowExecutionWithPendingReboot": false
}
API Response
Response Code : 403
Error: Forbidden
Response body:
{
"_error": {
"code": 403,
"message": "Access denied, permission to add job coauthors absent for user: 17fa81ef-904b-c390-8227-228c259739be, customer: ba8f205c-c6b1-4339-8230-582d346fb2cc"
}
} UI Release Updates
To know in detail about the UI features, enhancements and issues addressed, see Patch Management Release 3.8.