Searching Vulnerability
Syntax help displayed in UI for Vulnerability tokens. A complete list of tokens for writing search queries is provided below. Click each token to learn more about it.
vulnerabilities.foundvulnerabilities.found
Use the values true | false to define vulnerabilities are detected or not on the asset.
Example
Show findings with vulnerabilities detected
vulnerabilities.found:true
vulnerabilities.lastFoundvulnerabilities.lastFound
Use a date range or specific date to define when findings were last found.
Examples
Show findings last found within certain dates
vulnerabilities.lastFound: [2019-01-10 ... 2019-06-01]
Show findings last found starting 2010-06-01, ending 1 month ago
vulnerabilities.lastFound: [2019-01-10 ... now-1M]
Show findings last found starting 2 weeks ago, ending 1 second ago
vulnerabilities.lastFound: [now-2w ... now-1s]
Show findings last found on a specific date
vulnerabilities.lastFound:'2019-07-15'
vulnerabilities.severityvulnerabilities.severity
Use an integer value ##### to find vulnerabilities with this severity (1-5). Select from values in the drop-down menu.
Example
Show findings with severity 5
vulnerabilities.severity:5
vulnerabilities.statusvulnerabilities.status
Use a text value ##### to find vulnerabilities with certain status (e.g. Active, Fixed, New, Reopened). Select from names in the drop-down menu.
Example
Show vulnerabilities with New status
vulnerabilities.status:New
vulnerabilities.typeDetectedvulnerabilities.typeDetected
Use a text value ##### to find assets with vulnerabilities of the specified detection type (e.g. Confirmed, Potential, Information). Select from names in the drop-down menu.
Example
Show vulnerabilities with detection type Confirmed
vulnerabilities.typeDetected:Confirmed
vulnerabilities.vulnerability.qidvulnerabilities.vulnerability.qid
Use an integer value ##### to show vulnerabilities with the defined QIDs.
Example
Show vulnerabilities with QID 90405
vulnerabilities.vulnerability.qid:90405
vulnerabilities.vulnerability.categoryvulnerabilities.vulnerability.category
Use a text value ##### to show vulnerabilities with the defined category.
Example
Show findings with category Android
vulnerabilities.vulnerability.category:Android
vulnerabilities.vulnerability.titlevulnerabilities.vulnerability.title
Use values within quotes or backticks to help you find the title you're looking for.
Examples
Show any findings related to this title
vulnerabilities.vulnerability.title: Remote Code
Execution
Show any findings that contain "Remote" or "Code" in title
vulnerabilities.vulnerability.title: "Remote
Code"
Show any findings that match exact value "Remote Code"
vulnerabilities.vulnerability.title: `Remote Code`
vulnerabilities.firstFoundvulnerabilities.firstFound
Use a date range or specific date to define when findings were first found.
Examples
Show findings first found within certain dates
vulnerabilities.firstFound: [2019-01-10 ... 2019-06-01]
Show findings first found starting 2010-06-01, ending 1 month ago
vulnerabilities.firstFound: [2019-01-10 ... now-1M]
Show findings first found starting 2 weeks ago, ending 1 second ago
vulnerabilities.firstFound: [now-2w ... now-1s]
Show findings first found on a specific date
vulnerabilities.firstFound:'2019-07-15'
vulnerabilities.assetNamevulnerabilities.assetName
Use values within quotes or backticks to help you find the asset name you're looking for.
Examples
Show any findings related to this name
vulnerabilities.assetName: Admin_Android_Samsung
Show any findings that contain parts of this name
vulnerabilities.assetName: "Samsung"
Show any findings that match exact value "Admin_Android_Samsung"
vulnerabilities.assetName: `Admin_Android_Samsung`
vulnerabilities.assetOSvulnerabilities.assetOS
Use values within quotes or backticks to help you find the asset operating system you're looking for.
Examples
Show any findings with this OS name
vulnerabilities.assetOS: Android
Show any findings that contain parts of OS name
vulnerabilities.assetOS: "Android"
Show any findings that match exact value "Android"
vulnerabilities.assetOS: `Android`
vulnerabilities.vulnerability.cveidsvulnerabilities.vulnerability.cveids
Use a text value ##### to find the CVE name you're interested in.
Example
Show findings with CVE name CVE-2015-0313
vulnerabilities.vulnerability.cveids:CVE-2015-0313
vulnerabilities.vulnerability.cvss3Info.baseScorevulnerabilities.vulnerability.cvss3Info.baseScore
Use an integer value ##### to help you find the CVSSv3 base score you're interested in.
Example
Show assets with 7.8 basescore
vulnerabilities.vulnerability.cvss3Info.baseScore:7.8
Use an integer value ##### to help you find assets with the CVSSv3 temporal score you're interested in.
Example
Show assets with 6.4 temporal score
vulnerabilities.vulnerability.cvss3Info.temporalScore:6.4
Use a text value ##### to help you find assets with the CVSS access vector you're interested in (e.g. Undefined, Local_access, Adjacent_network, Network). Select from names in the drop-down menu.
Example
Show assets with this name
vulnerabilities.vulnerability.cvssInfo.accessVector:Network
vulnerabilities.vulnerability.cvssInfo.baseScorevulnerabilities.vulnerability.cvssInfo.baseScore
Use an integer value ##### to help you find the CVSS base score you're interested in.
Example
Show assets with 7.8 basescore
vulnerabilities.vulnerability.cvssInfo.baseScore:7.8
Use an integer value ##### to help you find assets with the CVSSv3 temporal score you're interested in.
Example
Show assets with 6.4 temporal score
vulnerabilities.vulnerability.cvssInfo.temporalScore:6.4
vulnerabilities.vulnerability.descriptionvulnerabilities.vulnerability.description
Use values within quotes or backticks to help you find the description you're looking for.
Examples
Show any findings related to this description
vulnerabilities.vulnerability.description: Remote
Code Execution
Show any findings that contain "Remote" or "Code" in description
vulnerabilities.vulnerability.description: "Remote
Code"
Show any findings that match exact value "Remote Code"
vulnerabilities.vulnerability.description: `Remote
Code`
vulnerabilities.vulnerability.osvulnerabilities.vulnerability.os
Use values within quotes or backticks to help you find the operating system the vulnerabilities were detected on.
Examples
Show any findings with this OS name
vulnerabilities.vulnerability.os: Android
Show any findings that contain parts of OS name
vulnerabilities.vulnerability.os: "Android"
Show any findings that match exact value "Android"
vulnerabilities.vulnerability.os: `Android`
vulnerabilities.vulnerability.publishedvulnerabilities.vulnerability.published
Use a date range or specific date to define when vulnerabilities were first published in the KnowledgeBase.
Examples
Show findings for vulnerabilities published within certain dates
vulnerabilities.vulnerability.published: [2019-01-10
... 2019-06-01]
Show findings for vulnerabilities published starting 2017-01-01, ending 1 month ago
vulnerabilities.vulnerability.published: [2019-01-10
... now-1M]
Show findings for vulnerabilities published starting 2 weeks ago, ending 1 second ago
vulnerabilities.vulnerability.published: [now-2w
... now-1s]
Show findings for vulnerabilities published on certain date
vulnerabilities.vulnerability.published:'2019-07-15'
vulnerabilities.vulnerability.solutionvulnerabilities.vulnerability.solution
Use values within quotes or backticks to help you find the solution you're looking for.
Examples
Show any findings related to this solution
vulnerabilities.vulnerability.solution: Bulletin
MS10-006
Show any findings that contain parts of solution
vulnerabilities.vulnerability.solution: "Bulletin
MS10-006"
Show any findings that match exact value "Bulletin MS10-006"
vulnerabilities.vulnerability.solution: `Bulletin
MS10-006`
vulnerabilities.vulnerability.updatedvulnerabilities.vulnerability.updated
Use a date range or specific date to define when vulnerabilities were updated in the KnowledgeBase.
Examples
Show vulnerabilites updated within certain dates
vulnerabilities.vulnerability.updated: [2019-01-10
... 2019-06-01]
Show vulnerabilites updated starting 2010-06-01, ending 1 month ago
vulnerabilities.vulnerability.updated: [2019-01-10
... now-1M]
Show vulnerabilites updated starting 2 weeks ago, ending 1 second ago
vulnerabilities.vulnerability.updated: [now-2w
... now-1s]
Show vulnerabilites updated on certain date
vulnerabilities.vulnerability.updated:'2019-07-15'
vulnerabilities.vulnerability.vendorRefsvulnerabilities.vulnerability.vendorRefs
Use a text value ##### to help you find the vendor reference you're interested in.
Example
Show vendors with this reference value
vulnerabilities.vulnerability.vendorRefs:KB3021953
vulnerabilities.vulnerability.vendors.productNamevulnerabilities.vulnerability.vendors.productName
Use a text value ##### to help you find the vendor product name you're interested in.
Example
Show findings with this vendor product name
vulnerabilities.vulnerability.vendors.productName:Android
vulnerabilities.vulnerability.vendors.vendorNamevulnerabilities.vulnerability.vendors.vendorName
Use a text value ##### to help you find the vendor name you're interested in.
Example
Show findings with this vendor name
vulnerabilities.vulnerability.vendors.vendorName:Google
vulnerabilities.vulnerability.riskvulnerabilities.vulnerability.risk
Use a text value ##### to help you define the vulnerability risk rating you're interested in. For confirmed and potential issues risk is 10 times severity, for information gathered it is severity.
Example
Show findings with risk 50
vulnerabilities.vulnerability.risk:50
vulnerabilities.vulnerability.supportedByvulnerabilities.vulnerability.supportedBy
Use a text value ##### to select a Qualys service (SEM-Android and SEM-IOS) to show vulnerabilities that can be detected by this service. Select from names in the drop-down menu.
Example
Show vulnerabilities supported by SEM-Android
vulnerabilities.vulnerability.supportedBy:SEM-Android
vulnerabilities.vulnerability.consequencevulnerabilities.vulnerability.consequence
Use values within quotes or backticks to help you find the consequence you're looking for.
Examples
Show any findings related to consequence
vulnerabilities.vulnerability.consequence: sensitive
information
Show any findings that contain "sensitive" or "information" in consequence
vulnerabilities.vulnerability.consequence: "sensitive
information"
Show any findings that match exact value "sensitive information"
vulnerabilities.vulnerability.consequence: `sensitive
information`
vulnerabilities.vulnerability.cve.severityvulnerabilities.vulnerability.cve.severity
Select a severity (1-5) to find CVE with this severity. Select from values in the drop-down menu.
Example
Show findings with severity 5
vulnerabilities.vulnerability.cve.severity:5
vulnerabilities.vulnerability.releasedOnvulnerabilities.vulnerability.releasedOn
Use a date range or specific date to define when Security update or QID is released
Example
Show Security update or QID released within certain dates
vulnerabilities.vulnerability.releasedOn: [2020-02-01
... 2020-02-02]
Show Security update or QID released starting 2020-04-01, ending 3 months ago
vulnerabilities.vulnerability.releasedOn:[2020-04-01
... now-3M]
Show Security update or QID released starting 2 weeks ago, ending 1 second ago
vulnerabilities.vulnerability.releasedOn: [now-2w
... now-1s]
Show Security update or QID released on a specific date
vulnerabilities.vulnerability.releasedOn: '2019-02-01'
vulnerabilities.vulnerability.typevulnerabilities.vulnerability.type
Use a text value #### in a quotes to find the vulnerabilities with certain type.
Use a boolean query to express your query using AND logic..
Example
vulnerabilities.severity: 5 and vulnerabilities.typeDetected: Confirmed
Find vulnerabilities with this severity and type detected.
Example
Show vulnerabilites of this type
vulnerabilities.vulnerability.type:"OS"
Supported Boolean Operators
The Qualys Query Language (QQL) supports the following logical or Boolean query operators. Use these operators in your queries to narrow down or broaden your search.
Use a boolean query to express your query using NOT logic.
Example
not vulnerabilities.severity: 1
Show vulnerabilities whose severity is not 1.
Use a boolean query to express your query using OR logic.
Example
vulnerabilities.severity: 5 or vulnerabilities.severity: 4
Show findings with one of these vulnerabilities severity.