Returns all vulnerabilities that can be assessed during a scan.

Parameters

ParameterDescription
Disable SSL EnforcementEnable this option to skip SSL verification of the server’s certificate
chain and host name. This may increase security vulnerabilities, but can be useful
for testing or when custom verification is employed.
PageThe index of the page (zero-based) to retrieve.
Return All PagesAutomatically fetch all resources, page by page.
SizeThe number of records per page to retrieve.
SortThe criteria to sort the records by, in the format: property[,ASC|DESC]. The default sort order is ascending. Multiple sort criteria can be specified using multiple sort query parameters.

Example Output

{
	"links": [
		{
			"href": "https://hostname:3780/api/3/...",
			"rel": "self"
		}
	],
	"page": {
		"number": 6,
		"size": 10,
		"totalPages": 13,
		"totalResources": 123
	},
	"resources": [
		{
			"added": "2017-10-10",
			"categories": [
				"string"
			],
			"cves": [
				"string"
			],
			"cvss": {
				"links": [
					{
						"href": "https://hostname:3780/api/3/...",
						"rel": "self"
					}
				],
				"v2": {
					"accessComplexity": "M",
					"accessVector": "L",
					"authentication": "N",
					"availabilityImpact": "P",
					"confidentialityImpact": "P",
					"exploitScore": 3.3926,
					"impactScore": 6.443,
					"integrityImpact": "P",
					"score": 4.4,
					"vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"
				},
				"v3": {
					"attackComplexity": "H",
					"attackVector": "N",
					"availabilityImpact": "H",
					"confidentialityImpact": "H",
					"exploitScore": 1.6201,
					"impactScore": 5.8731,
					"integrityImpact": "H",
					"privilegeRequired": "N",
					"scope": "U",
					"score": 7.5,
					"userInteraction": "R",
					"vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
				}
			},
			"denialOfService": false,
			"description": {
				"html": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. ...",
				"text": "\u003cp\u003eA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. ...\u003c/p\u003e"
			},
			"exploits": 0,
			"id": "msft-cve-2017-11804",
			"links": [
				{
					"href": "https://hostname:3780/api/3/...",
					"rel": "self"
				}
			],
			"malwareKits": 0,
			"modified": "2017-10-10",
			"pci": {
				"adjustedCVSSScore": 4,
				"adjustedSeverityScore": 3,
				"fail": true,
				"specialNotes": "",
				"status": "Fail"
			},
			"published": "2017-10-10",
			"riskScore": 123.69,
			"severity": "Severe",
			"severityScore": 4,
			"title": "Microsoft CVE-2017-11804: Scripting Engine Memory Corruption Vulnerability"
		}
	]
}

Workflow Library Example

Get Vulnerabilities with Rapid7 and Send Results Via Email

Preview this Workflow on desktop

Returns all vulnerabilities that can be assessed during a scan.

Parameters

ParameterDescription
Disable SSL EnforcementEnable this option to skip SSL verification of the server’s certificate
chain and host name. This may increase security vulnerabilities, but can be useful
for testing or when custom verification is employed.
PageThe index of the page (zero-based) to retrieve.
Return All PagesAutomatically fetch all resources, page by page.
SizeThe number of records per page to retrieve.
SortThe criteria to sort the records by, in the format: property[,ASC|DESC]. The default sort order is ascending. Multiple sort criteria can be specified using multiple sort query parameters.

Example Output

{
	"links": [
		{
			"href": "https://hostname:3780/api/3/...",
			"rel": "self"
		}
	],
	"page": {
		"number": 6,
		"size": 10,
		"totalPages": 13,
		"totalResources": 123
	},
	"resources": [
		{
			"added": "2017-10-10",
			"categories": [
				"string"
			],
			"cves": [
				"string"
			],
			"cvss": {
				"links": [
					{
						"href": "https://hostname:3780/api/3/...",
						"rel": "self"
					}
				],
				"v2": {
					"accessComplexity": "M",
					"accessVector": "L",
					"authentication": "N",
					"availabilityImpact": "P",
					"confidentialityImpact": "P",
					"exploitScore": 3.3926,
					"impactScore": 6.443,
					"integrityImpact": "P",
					"score": 4.4,
					"vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"
				},
				"v3": {
					"attackComplexity": "H",
					"attackVector": "N",
					"availabilityImpact": "H",
					"confidentialityImpact": "H",
					"exploitScore": 1.6201,
					"impactScore": 5.8731,
					"integrityImpact": "H",
					"privilegeRequired": "N",
					"scope": "U",
					"score": 7.5,
					"userInteraction": "R",
					"vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
				}
			},
			"denialOfService": false,
			"description": {
				"html": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. ...",
				"text": "\u003cp\u003eA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. ...\u003c/p\u003e"
			},
			"exploits": 0,
			"id": "msft-cve-2017-11804",
			"links": [
				{
					"href": "https://hostname:3780/api/3/...",
					"rel": "self"
				}
			],
			"malwareKits": 0,
			"modified": "2017-10-10",
			"pci": {
				"adjustedCVSSScore": 4,
				"adjustedSeverityScore": 3,
				"fail": true,
				"specialNotes": "",
				"status": "Fail"
			},
			"published": "2017-10-10",
			"riskScore": 123.69,
			"severity": "Severe",
			"severityScore": 4,
			"title": "Microsoft CVE-2017-11804: Scripting Engine Memory Corruption Vulnerability"
		}
	]
}

Workflow Library Example

Get Vulnerabilities with Rapid7 and Send Results Via Email

Preview this Workflow on desktop