Get Vulnerabilities
Get details on vulnerabilities by providing one or more IDs.
Parameters
Parameter | Description |
---|---|
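Vulnerability IDs | A comma-separated list of vulnerability IDs. These are the IDs returned by the Search Vulnerabilities action (the `id` field of each resource in the example output below), not CVE identifiers such as the `vulnerability_id` field. |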
Example Output
{
"meta": {
"query_time": 0.003279305,
"powered_by": "spapi",
"trace_id": "5ea98b6c-xxxx-xxxx-xxxx-9e0f11103eb4"
},
"resources": [
{
"id": "ca4944397d82410b8f8xxxxxxxxxx_de93270830eadc97b9e1796734af034c",
"cid": "5ddbxxxxxxxxxxxxxxxxx75f17979a1f",
"aid": "b1xxxxxxxxxxxxxxxxx8e09e9265a599",
"vulnerability_id": "CVE-2017-8570",
"vulnerability_metadata_id": "CS-V17-0757999",
"data_providers": [
{
"provider": "CrowdStrike Spotlight"
}
],
"created_timestamp": "2023-07-11T16:17:06Z",
"updated_timestamp": "2023-08-03T17:39:49Z",
"status": "open",
"apps": [
{
"product_name_version": "Office 2013",
"sub_status": "open",
"remediation": {
"ids": [
"46147e49f3b636c5978b3134c822a11d"
]
},
"evaluation_logic": {
"id": "04eb0c6612593b35b8f1ee437c9bae64"
}
}
],
"suppression_info": {
"is_suppressed": false
},
"app": {
"product_name_version": "Office 2013"
},
"cve": {
"id": "CVE-2017-8570",
"base_score": 7.8,
"severity": "HIGH",
"exploit_status": 90,
"exprt_rating": "CRITICAL",
"remediation_level": "O",
"cisa_info": {
"is_cisa_kev": true,
"due_date": "2022-08-25T00:00:00Z"
},
"spotlight_published_date": "2021-05-10T17:08:00Z",
"actors": [
"COBALT SPIDER",
"GALACTIC OCELOT",
"GOBLIN PANDA",
"OCEAN BUFFALO",
"VENOM SPIDER"
],
"description": "Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka \"Microsoft Office Remote Code Execution Vulnerability\". This CVE ID is unique from CVE-2017-0243.\n",
"published_date": "2017-07-11T07:00:00Z",
"vendor_advisory": [
"https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2017-8570",
"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8570"
],
"references": [
"https://github.com/rxwx/CVE-2017-8570",
"https://github.com/tezukanice/Office8570",
"https://github.com/ParsingTeam/ppsx-file-generator",
"http://www.securityfocus.com/bid/99445"
],
"exploitability_score": 1.8,
"impact_score": 5.9,
"vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
},
"host_info": {
"hostname": "BIG-BLUE-MACHINE",
"local_ip": "192.168.0.30",
"machine_domain": "",
"os_version": "Windows 10",
"ou": "",
"site_name": "",
"system_manufacturer": "Xen",
"groups": [
{
"id": "1eb1xxxxxxxxxxxxxxxxxce2696995af",
"name": "Windows Workstations"
},
{
"id": "2399xxxxxxxxxxxxxxxxx40b186f4f94",
"name": "Windows 10"
}
],
"tags": [],
"platform": "Windows",
"instance_id": "i-004a7e4771430d2bd",
"service_provider_account_id": "5xxxxxxxxxx6",
"service_provider": "55xxxxxxxxxx6",
"os_build": "18363",
"product_type_desc": "Workstation",
"asset_criticality": "Critical",
"entity_graph_id": "445xxxxxxxxxx65139",
"third_party_asset_ids": [
"ServiceNow: 008125xxxxxxxxxx61491ecc139619b2"
],
"managed_by": "Falcon sensor",
"host_last_seen_timestamp": "2023-07-30T00:00:00Z"
},
"remediation": {
"ids": [
"46147e49f3b636c5978b3134c822a11d"
],
"entities": [
{
"id": "46147e49f3b636c5978b3134c822a11d",
"reference": "cpe:/a:microsoft:office::::",
"title": "Update Microsoft Office",
"action": "Update Microsoft Office to the latest available version",
"link": "",
"vendor_url": ""
}
]
}
}
]
}
Workflow Library Example
Get Vulnerabilities with CrowdStrike and Send Results Via Email