Refresh Vulnerability Stats
POST/api/v32.07/stats/vulnerabilities/refresh
x-prisma-cloud-target-env: {"permission":"monitorVuln"}
Refreshes the current day's CVE counts and CVE list, as well as their descriptions.
This endpoint returns the same response as /api/v<VERSION>/stats/vulnerabilities, but with updated data for the current day.
cURL Request
Refer to the following example cURL command that refreshes the vulnerability statistics for current day:
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X POST \
'https://<CONSOLE>/api/v<VERSION>/stats/vulnerabilities/refresh'
A successful response returns a summary count of the CVEs and detailed descriptions for each CVE for the current day.
Request
Query Parameters
Offsets the result to a specific report count. Offset starts from 0.
Limit is the amount to fix.
Sorts the result using a key.
Sorts the result in reverse order.
Responses
- 200
- default
- application/json
- Schema
- Example (from schema)
Schema
- Array [
- Array [
- Array [
- ]
- ]
- Array [
- Array [
- ]
- ]
- Array [
- Array [
- ]
- ]
- Array [
- Array [
- ]
- ]
- Array [
- Array [
- ]
- ]
- ]
ID of the vulnerability stats.
containers object
ResourceVulnerabilityStats holds vulnerability stats of a single resource type
Count is the total number of vulnerabilities.
cves object
Distribution counts the number of vulnerabilities per type
.
.
.
.
.
impacted object
Distribution counts the number of vulnerabilities per type
.
.
.
.
.
vulnerabilities object[]
All resource vulnerabilities.
CVE ID.
Vulnerability description.
exploits object[]
Exploits represents the exploits data found for a CVE
Possible values: [poc,in-the-wild]
ExploitKind represents the kind of the exploit
Link is a link to information about the exploit.
Possible values: [,exploit-db,exploit-windows,cisa-kev]
ExploitType represents the source of an exploit
HighestCVSS is the highest CVSS score of the vulnerability.
highestRiskFactors object
RiskScoreFactors holds factors used to calculate risk score
EnvVarSecrets indicates whether a container has access to secrets via environment variables.
HostAccess indicates whether a container has access to the host network or namespace.
Internet indicates whether a container has internet access.
Network indicates whether a container is listening to ports.
NoSecurityProfile indicates whether a container has security profile issue.
PrivilegedContainer indicates whether a container runs using the --privileged flag.
RootMount indicates whether a container has access to the host file system using a root mount.
RootPrivilege indicates whether a container runs as root.
RuntimeSocket indicates whether a container has the runtime socket mounted.
HighestSeverity is the highest severity of the vulnerability.
Packages impacted by the vulnerability.
Possible values: [container,image,host,istio,vm,function,registryImage]
ResourceType represents the resource type
Number of resources impacted by this vulnerability.
Link to CVE.
riskFactors object
RiskFactors maps the existence of vulnerability risk factors
Risk score.
CVE status.
functions object
ResourceVulnerabilityStats holds vulnerability stats of a single resource type
Count is the total number of vulnerabilities.
cves object
Distribution counts the number of vulnerabilities per type
.
.
.
.
.
impacted object
Distribution counts the number of vulnerabilities per type
.
.
.
.
.
vulnerabilities object[]
All resource vulnerabilities.
CVE ID.
Vulnerability description.
exploits object[]
Exploits represents the exploits data found for a CVE
Possible values: [poc,in-the-wild]
ExploitKind represents the kind of the exploit
Link is a link to information about the exploit.
Possible values: [,exploit-db,exploit-windows,cisa-kev]
ExploitType represents the source of an exploit
HighestCVSS is the highest CVSS score of the vulnerability.
highestRiskFactors object
RiskScoreFactors holds factors used to calculate risk score
EnvVarSecrets indicates whether a container has access to secrets via environment variables.
HostAccess indicates whether a container has access to the host network or namespace.
Internet indicates whether a container has internet access.
Network indicates whether a container is listening to ports.
NoSecurityProfile indicates whether a container has security profile issue.
PrivilegedContainer indicates whether a container runs using the --privileged flag.
RootMount indicates whether a container has access to the host file system using a root mount.
RootPrivilege indicates whether a container runs as root.
RuntimeSocket indicates whether a container has the runtime socket mounted.
HighestSeverity is the highest severity of the vulnerability.
Packages impacted by the vulnerability.
Possible values: [container,image,host,istio,vm,function,registryImage]
ResourceType represents the resource type
Number of resources impacted by this vulnerability.
Link to CVE.
riskFactors object
RiskFactors maps the existence of vulnerability risk factors
Risk score.
CVE status.
hosts object
ResourceVulnerabilityStats holds vulnerability stats of a single resource type
Count is the total number of vulnerabilities.
cves object
Distribution counts the number of vulnerabilities per type
.
.
.
.
.
impacted object
Distribution counts the number of vulnerabilities per type
.
.
.
.
.
vulnerabilities object[]
All resource vulnerabilities.
CVE ID.
Vulnerability description.
exploits object[]
Exploits represents the exploits data found for a CVE
Possible values: [poc,in-the-wild]
ExploitKind represents the kind of the exploit
Link is a link to information about the exploit.
Possible values: [,exploit-db,exploit-windows,cisa-kev]
ExploitType represents the source of an exploit
HighestCVSS is the highest CVSS score of the vulnerability.
highestRiskFactors object
RiskScoreFactors holds factors used to calculate risk score
EnvVarSecrets indicates whether a container has access to secrets via environment variables.
HostAccess indicates whether a container has access to the host network or namespace.
Internet indicates whether a container has internet access.
Network indicates whether a container is listening to ports.
NoSecurityProfile indicates whether a container has security profile issue.
PrivilegedContainer indicates whether a container runs using the --privileged flag.
RootMount indicates whether a container has access to the host file system using a root mount.
RootPrivilege indicates whether a container runs as root.
RuntimeSocket indicates whether a container has the runtime socket mounted.
HighestSeverity is the highest severity of the vulnerability.
Packages impacted by the vulnerability.
Possible values: [container,image,host,istio,vm,function,registryImage]
ResourceType represents the resource type
Number of resources impacted by this vulnerability.
Link to CVE.
riskFactors object
RiskFactors maps the existence of vulnerability risk factors
Risk score.
CVE status.
images object
ResourceVulnerabilityStats holds vulnerability stats of a single resource type
Count is the total number of vulnerabilities.
cves object
Distribution counts the number of vulnerabilities per type
.
.
.
.
.
impacted object
Distribution counts the number of vulnerabilities per type
.
.
.
.
.
vulnerabilities object[]
All resource vulnerabilities.
CVE ID.
Vulnerability description.
exploits object[]
Exploits represents the exploits data found for a CVE
Possible values: [poc,in-the-wild]
ExploitKind represents the kind of the exploit
Link is a link to information about the exploit.
Possible values: [,exploit-db,exploit-windows,cisa-kev]
ExploitType represents the source of an exploit
HighestCVSS is the highest CVSS score of the vulnerability.
highestRiskFactors object
RiskScoreFactors holds factors used to calculate risk score
EnvVarSecrets indicates whether a container has access to secrets via environment variables.
HostAccess indicates whether a container has access to the host network or namespace.
Internet indicates whether a container has internet access.
Network indicates whether a container is listening to ports.
NoSecurityProfile indicates whether a container has security profile issue.
PrivilegedContainer indicates whether a container runs using the --privileged flag.
RootMount indicates whether a container has access to the host file system using a root mount.
RootPrivilege indicates whether a container runs as root.
RuntimeSocket indicates whether a container has the runtime socket mounted.
HighestSeverity is the highest severity of the vulnerability.
Packages impacted by the vulnerability.
Possible values: [container,image,host,istio,vm,function,registryImage]
ResourceType represents the resource type
Number of resources impacted by this vulnerability.
Link to CVE.
riskFactors object
RiskFactors maps the existence of vulnerability risk factors
Risk score.
CVE status.
Date/time when the entity was modified.
registryImages object
ResourceVulnerabilityStats holds vulnerability stats of a single resource type
Count is the total number of vulnerabilities.
cves object
Distribution counts the number of vulnerabilities per type
.
.
.
.
.
impacted object
Distribution counts the number of vulnerabilities per type
.
.
.
.
.
vulnerabilities object[]
All resource vulnerabilities.
CVE ID.
Vulnerability description.
exploits object[]
Exploits represents the exploits data found for a CVE
Possible values: [poc,in-the-wild]
ExploitKind represents the kind of the exploit
Link is a link to information about the exploit.
Possible values: [,exploit-db,exploit-windows,cisa-kev]
ExploitType represents the source of an exploit
HighestCVSS is the highest CVSS score of the vulnerability.
highestRiskFactors object
RiskScoreFactors holds factors used to calculate risk score
EnvVarSecrets indicates whether a container has access to secrets via environment variables.
HostAccess indicates whether a container has access to the host network or namespace.
Internet indicates whether a container has internet access.
Network indicates whether a container is listening to ports.
NoSecurityProfile indicates whether a container has security profile issue.
PrivilegedContainer indicates whether a container runs using the --privileged flag.
RootMount indicates whether a container has access to the host file system using a root mount.
RootPrivilege indicates whether a container runs as root.
RuntimeSocket indicates whether a container has the runtime socket mounted.
HighestSeverity is the highest severity of the vulnerability.
Packages impacted by the vulnerability.
Possible values: [container,image,host,istio,vm,function,registryImage]
ResourceType represents the resource type
Number of resources impacted by this vulnerability.
Link to CVE.
riskFactors object
RiskFactors maps the existence of vulnerability risk factors
Risk score.
CVE status.
[
{
"_id": "string",
"containers": {
"count": 0,
"cves": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0,
"total": 0
},
"impacted": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0,
"total": 0
},
"vulnerabilities": [
{
"cve": "string",
"description": "string",
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"highestCVSS": 0,
"highestRiskFactors": {
"envVarSecrets": true,
"hostAccess": true,
"internet": true,
"network": true,
"noSecurityProfile": true,
"privilegedContainer": true,
"rootMount": true,
"rootPrivilege": true,
"runtimeSocket": true
},
"highestSeverity": "string",
"impactedPkgs": [
"string"
],
"impactedResourceType": [
"container",
"image",
"host",
"istio",
"vm",
"function",
"registryImage"
],
"impactedResourcesCnt": 0,
"link": "string",
"riskFactors": {},
"riskScore": 0,
"status": "string"
}
]
},
"functions": {
"count": 0,
"cves": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0,
"total": 0
},
"impacted": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0,
"total": 0
},
"vulnerabilities": [
{
"cve": "string",
"description": "string",
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"highestCVSS": 0,
"highestRiskFactors": {
"envVarSecrets": true,
"hostAccess": true,
"internet": true,
"network": true,
"noSecurityProfile": true,
"privilegedContainer": true,
"rootMount": true,
"rootPrivilege": true,
"runtimeSocket": true
},
"highestSeverity": "string",
"impactedPkgs": [
"string"
],
"impactedResourceType": [
"container",
"image",
"host",
"istio",
"vm",
"function",
"registryImage"
],
"impactedResourcesCnt": 0,
"link": "string",
"riskFactors": {},
"riskScore": 0,
"status": "string"
}
]
},
"hosts": {
"count": 0,
"cves": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0,
"total": 0
},
"impacted": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0,
"total": 0
},
"vulnerabilities": [
{
"cve": "string",
"description": "string",
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"highestCVSS": 0,
"highestRiskFactors": {
"envVarSecrets": true,
"hostAccess": true,
"internet": true,
"network": true,
"noSecurityProfile": true,
"privilegedContainer": true,
"rootMount": true,
"rootPrivilege": true,
"runtimeSocket": true
},
"highestSeverity": "string",
"impactedPkgs": [
"string"
],
"impactedResourceType": [
"container",
"image",
"host",
"istio",
"vm",
"function",
"registryImage"
],
"impactedResourcesCnt": 0,
"link": "string",
"riskFactors": {},
"riskScore": 0,
"status": "string"
}
]
},
"images": {
"count": 0,
"cves": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0,
"total": 0
},
"impacted": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0,
"total": 0
},
"vulnerabilities": [
{
"cve": "string",
"description": "string",
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"highestCVSS": 0,
"highestRiskFactors": {
"envVarSecrets": true,
"hostAccess": true,
"internet": true,
"network": true,
"noSecurityProfile": true,
"privilegedContainer": true,
"rootMount": true,
"rootPrivilege": true,
"runtimeSocket": true
},
"highestSeverity": "string",
"impactedPkgs": [
"string"
],
"impactedResourceType": [
"container",
"image",
"host",
"istio",
"vm",
"function",
"registryImage"
],
"impactedResourcesCnt": 0,
"link": "string",
"riskFactors": {},
"riskScore": 0,
"status": "string"
}
]
},
"modified": "2024-07-29T15:51:28.071Z",
"registryImages": {
"count": 0,
"cves": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0,
"total": 0
},
"impacted": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0,
"total": 0
},
"vulnerabilities": [
{
"cve": "string",
"description": "string",
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"highestCVSS": 0,
"highestRiskFactors": {
"envVarSecrets": true,
"hostAccess": true,
"internet": true,
"network": true,
"noSecurityProfile": true,
"privilegedContainer": true,
"rootMount": true,
"rootPrivilege": true,
"runtimeSocket": true
},
"highestSeverity": "string",
"impactedPkgs": [
"string"
],
"impactedResourceType": [
"container",
"image",
"host",
"istio",
"vm",
"function",
"registryImage"
],
"impactedResourcesCnt": 0,
"link": "string",
"riskFactors": {},
"riskScore": 0,
"status": "string"
}
]
}
}
]