Skip to main content

Get Vulnerability Details

Returns vulnerability details for a specific vulnerability instance.

External Documentation

To learn more, visit the Tenable documentation.

Parameters

ParameterDescription
Vulnerability IDThe UUID of the vulnerability instance. To determine the UUID of a vulnerability. Can be retrieved from the 'Get Scan Vulnerabilities' action.

Example Output

{
    "value": {
        "attachments": [
            {
                "attachment_id": "09974297-afc0-4544-b1ff-00a4157fd8f7",
                "attachment_name": "HTTP Request",
                "created_at": "2021-02-23T20:40:35.784674Z",
                "file_type": "text/plain",
                "md5": "md5:635b587d0ec8dfb01d31a6683f3c5325",
                "size": 575
            },
            {
                "attachment_id": "eae5163e-61b5-4697-b96a-489185c3a0a5",
                "attachment_name": "HTTP Response",
                "created_at": "2021-02-23T20:40:35.947036Z",
                "file_type": "text/plain",
                "md5": "md5:6c0981f85ed170488f7f69237e74898c",
                "size": 838
            }
        ],
        "created_at": "2021-02-23T20:40:06Z",
        "details": {
            "input_name": "cmd",
            "input_type": "form",
            "output": "URL\n-----\nhttp://example.com/foo\n\n\nDetection Information\n-----------------------\n...",
            "payload": " ; /bin/cat /etc/passwd ; ",
            "proof": ":x:0:0:root:/root:/bin/bash",
            "request": {
                "body": "cmd --\u003e  ; /bin/cat /etc/passwd ; ",
                "headers": "POST /foo HTTP/1.1\r\nHost: example.com\r\nAccept-Encoding: gzip, deflate, br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4158.0 Safari/537.36\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nCookie: connect.sid=s%3Ay3k1L2I5PIi-zFG7ehLmOqGU3qBzhub-.%2Fy6MOtJ9IU%2FTakY4S04dq9UnZApXaaPSLkr6QcTdsds\r\nContent-Length: 52\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\n"
            },
            "response": {
                "body": "\nroot:x:0:0:root:/root:/bin/bash",
                "headers": "HTTP/1.1 200 OK\r\nX-Powered-By: Express\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 631\r\nETag: W/\"277-e4iTZHwiFfIpaHe7fGNMbJngvU4\"\r\nDate: Tue, 23 Feb 2021 20:39:58 GMT\r\nConnection: keep-alive\r\n\r\n",
                "time": 0.330748
            },
            "selector": "//form[@action = \"/foo\"]",
            "selector_url": "http://example.com/foo",
            "signature": "(?-mix::.+:\\d+:\\d+:.+:[0-9a-zA-Z\\/]+)"
        },
        "is_page": false,
        "plugin_id": 98123,
        "scan_id": "ffab19d4-7d09-412b-bfc9-3addb0d569e5",
        "uri": "http://example.com/foo",
        "vuln_id": "1790eedf-2118-45ea-abff-bcaf3d9d1e0a"
    }
}

Workflow Library Example

Get Vulnerability Details with Tenable and Send Results Via Email

Workflow LibraryPreview this Workflow on desktop