Skip to main content

Refresh Vulnerability Stats

POST 

/api/v34.00/stats/vulnerabilities/refresh

x-prisma-cloud-target-env: {"permission":"monitorVuln"}

Refreshes the current day's CVE counts and CVE list, as well as their descriptions.

This endpoint returns the same response as /api/v<VERSION>/stats/vulnerabilities, but with updated data for the current day.

cURL Request

Refer to the following example cURL command that refreshes the vulnerability statistics for current day:

$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X POST \
'https://<CONSOLE>/api/v<VERSION>/stats/vulnerabilities/refresh'

A successful response returns a summary count of the CVEs and detailed descriptions for each CVE for the current day.

Request

Query Parameters

    offset integer

    Offsets the result to a specific report count. Offset starts from 0.

    limit integer

    Limit is the amount to fix.

    sort string

    Sorts the result using a key.

    reverse boolean

    Sorts the result in reverse order.

Responses

Schema
  • Array [
  • _idstring

    ID of the vulnerability stats.

    containers object

    ResourceVulnerabilityStats holds vulnerability stats of a single resource type

    countinteger

    Count is the total number of vulnerabilities.

    cves object

    Distribution counts the number of vulnerabilities per type

    criticalinteger

    .

    highinteger

    .

    lowinteger

    .

    mediuminteger

    .

    totalinteger

    .

    impacted object

    Distribution counts the number of vulnerabilities per type

    criticalinteger

    .

    highinteger

    .

    lowinteger

    .

    mediuminteger

    .

    totalinteger

    .

    vulnerabilities object[]

    All resource vulnerabilities.

  • Array [
  • cvestring

    CVE ID.

    descriptionstring

    Vulnerability description.

    exploits object[]

    Exploits represents the exploits data found for a CVE

  • Array [
  • kindvulnerability.ExploitKind (string)

    ExploitKind represents the kind of the exploit

    Possible values: [poc,in-the-wild]

    linkstring

    Link is a link to information about the exploit.

    sourcevulnerability.ExploitType (string)

    ExploitType represents the source of an exploit

    Possible values: [,exploit-db,exploit-windows,cisa-kev]

  • ]
  • highestCVSSfloat

    HighestCVSS is the highest CVSS score of the vulnerability.

    highestRiskFactors object

    RiskScoreFactors holds factors used to calculate risk score

    envVarSecretsboolean

    EnvVarSecrets indicates whether a container has access to secrets via environment variables.

    hostAccessboolean

    HostAccess indicates whether a container has access to the host network or namespace.

    internetboolean

    Internet indicates whether a container has internet access.

    networkboolean

    Network indicates whether a container is listening to ports.

    noSecurityProfileboolean

    NoSecurityProfile indicates whether a container has security profile issue.

    privilegedContainerboolean

    PrivilegedContainer indicates whether a container runs using the --privileged flag.

    rootMountboolean

    RootMount indicates whether a container has access to the host file system using a root mount.

    rootPrivilegeboolean

    RootPrivilege indicates whether a container runs as root.

    runtimeSocketboolean

    RuntimeSocket indicates whether a container has the runtime socket mounted.

    highestSeveritystring

    HighestSeverity is the highest severity of the vulnerability.

    impactedPkgsstring (string)[]

    Packages impacted by the vulnerability.

    impactedResourceTypevuln.ResourceType (string)

    ResourceType represents the resource type

    Possible values: [container,image,host,istio,vm,function,registryImage]

    impactedResourcesCntinteger

    Number of resources impacted by this vulnerability.

    linkstring

    Link to CVE.

    riskFactors object

    RiskFactors maps the existence of vulnerability risk factors

    property name*string (string)
    riskScorefloat

    Risk score.

    statusstring

    CVE status.

  • ]
  • functions object

    ResourceVulnerabilityStats holds vulnerability stats of a single resource type

    countinteger

    Count is the total number of vulnerabilities.

    cves object

    Distribution counts the number of vulnerabilities per type

    criticalinteger

    .

    highinteger

    .

    lowinteger

    .

    mediuminteger

    .

    totalinteger

    .

    impacted object

    Distribution counts the number of vulnerabilities per type

    criticalinteger

    .

    highinteger

    .

    lowinteger

    .

    mediuminteger

    .

    totalinteger

    .

    vulnerabilities object[]

    All resource vulnerabilities.

  • Array [
  • cvestring

    CVE ID.

    descriptionstring

    Vulnerability description.

    exploits object[]

    Exploits represents the exploits data found for a CVE

  • Array [
  • kindvulnerability.ExploitKind (string)

    ExploitKind represents the kind of the exploit

    Possible values: [poc,in-the-wild]

    linkstring

    Link is a link to information about the exploit.

    sourcevulnerability.ExploitType (string)

    ExploitType represents the source of an exploit

    Possible values: [,exploit-db,exploit-windows,cisa-kev]

  • ]
  • highestCVSSfloat

    HighestCVSS is the highest CVSS score of the vulnerability.

    highestRiskFactors object

    RiskScoreFactors holds factors used to calculate risk score

    envVarSecretsboolean

    EnvVarSecrets indicates whether a container has access to secrets via environment variables.

    hostAccessboolean

    HostAccess indicates whether a container has access to the host network or namespace.

    internetboolean

    Internet indicates whether a container has internet access.

    networkboolean

    Network indicates whether a container is listening to ports.

    noSecurityProfileboolean

    NoSecurityProfile indicates whether a container has security profile issue.

    privilegedContainerboolean

    PrivilegedContainer indicates whether a container runs using the --privileged flag.

    rootMountboolean

    RootMount indicates whether a container has access to the host file system using a root mount.

    rootPrivilegeboolean

    RootPrivilege indicates whether a container runs as root.

    runtimeSocketboolean

    RuntimeSocket indicates whether a container has the runtime socket mounted.

    highestSeveritystring

    HighestSeverity is the highest severity of the vulnerability.

    impactedPkgsstring (string)[]

    Packages impacted by the vulnerability.

    impactedResourceTypevuln.ResourceType (string)

    ResourceType represents the resource type

    Possible values: [container,image,host,istio,vm,function,registryImage]

    impactedResourcesCntinteger

    Number of resources impacted by this vulnerability.

    linkstring

    Link to CVE.

    riskFactors object

    RiskFactors maps the existence of vulnerability risk factors

    property name*string (string)
    riskScorefloat

    Risk score.

    statusstring

    CVE status.

  • ]
  • hosts object

    ResourceVulnerabilityStats holds vulnerability stats of a single resource type

    countinteger

    Count is the total number of vulnerabilities.

    cves object

    Distribution counts the number of vulnerabilities per type

    criticalinteger

    .

    highinteger

    .

    lowinteger

    .

    mediuminteger

    .

    totalinteger

    .

    impacted object

    Distribution counts the number of vulnerabilities per type

    criticalinteger

    .

    highinteger

    .

    lowinteger

    .

    mediuminteger

    .

    totalinteger

    .

    vulnerabilities object[]

    All resource vulnerabilities.

  • Array [
  • cvestring

    CVE ID.

    descriptionstring

    Vulnerability description.

    exploits object[]

    Exploits represents the exploits data found for a CVE

  • Array [
  • kindvulnerability.ExploitKind (string)

    ExploitKind represents the kind of the exploit

    Possible values: [poc,in-the-wild]

    linkstring

    Link is a link to information about the exploit.

    sourcevulnerability.ExploitType (string)

    ExploitType represents the source of an exploit

    Possible values: [,exploit-db,exploit-windows,cisa-kev]

  • ]
  • highestCVSSfloat

    HighestCVSS is the highest CVSS score of the vulnerability.

    highestRiskFactors object

    RiskScoreFactors holds factors used to calculate risk score

    envVarSecretsboolean

    EnvVarSecrets indicates whether a container has access to secrets via environment variables.

    hostAccessboolean

    HostAccess indicates whether a container has access to the host network or namespace.

    internetboolean

    Internet indicates whether a container has internet access.

    networkboolean

    Network indicates whether a container is listening to ports.

    noSecurityProfileboolean

    NoSecurityProfile indicates whether a container has security profile issue.

    privilegedContainerboolean

    PrivilegedContainer indicates whether a container runs using the --privileged flag.

    rootMountboolean

    RootMount indicates whether a container has access to the host file system using a root mount.

    rootPrivilegeboolean

    RootPrivilege indicates whether a container runs as root.

    runtimeSocketboolean

    RuntimeSocket indicates whether a container has the runtime socket mounted.

    highestSeveritystring

    HighestSeverity is the highest severity of the vulnerability.

    impactedPkgsstring (string)[]

    Packages impacted by the vulnerability.

    impactedResourceTypevuln.ResourceType (string)

    ResourceType represents the resource type

    Possible values: [container,image,host,istio,vm,function,registryImage]

    impactedResourcesCntinteger

    Number of resources impacted by this vulnerability.

    linkstring

    Link to CVE.

    riskFactors object

    RiskFactors maps the existence of vulnerability risk factors

    property name*string (string)
    riskScorefloat

    Risk score.

    statusstring

    CVE status.

  • ]
  • images object

    ResourceVulnerabilityStats holds vulnerability stats of a single resource type

    countinteger

    Count is the total number of vulnerabilities.

    cves object

    Distribution counts the number of vulnerabilities per type

    criticalinteger

    .

    highinteger

    .

    lowinteger

    .

    mediuminteger

    .

    totalinteger

    .

    impacted object

    Distribution counts the number of vulnerabilities per type

    criticalinteger

    .

    highinteger

    .

    lowinteger

    .

    mediuminteger

    .

    totalinteger

    .

    vulnerabilities object[]

    All resource vulnerabilities.

  • Array [
  • cvestring

    CVE ID.

    descriptionstring

    Vulnerability description.

    exploits object[]

    Exploits represents the exploits data found for a CVE

  • Array [
  • kindvulnerability.ExploitKind (string)

    ExploitKind represents the kind of the exploit

    Possible values: [poc,in-the-wild]

    linkstring

    Link is a link to information about the exploit.

    sourcevulnerability.ExploitType (string)

    ExploitType represents the source of an exploit

    Possible values: [,exploit-db,exploit-windows,cisa-kev]

  • ]
  • highestCVSSfloat

    HighestCVSS is the highest CVSS score of the vulnerability.

    highestRiskFactors object

    RiskScoreFactors holds factors used to calculate risk score

    envVarSecretsboolean

    EnvVarSecrets indicates whether a container has access to secrets via environment variables.

    hostAccessboolean

    HostAccess indicates whether a container has access to the host network or namespace.

    internetboolean

    Internet indicates whether a container has internet access.

    networkboolean

    Network indicates whether a container is listening to ports.

    noSecurityProfileboolean

    NoSecurityProfile indicates whether a container has security profile issue.

    privilegedContainerboolean

    PrivilegedContainer indicates whether a container runs using the --privileged flag.

    rootMountboolean

    RootMount indicates whether a container has access to the host file system using a root mount.

    rootPrivilegeboolean

    RootPrivilege indicates whether a container runs as root.

    runtimeSocketboolean

    RuntimeSocket indicates whether a container has the runtime socket mounted.

    highestSeveritystring

    HighestSeverity is the highest severity of the vulnerability.

    impactedPkgsstring (string)[]

    Packages impacted by the vulnerability.

    impactedResourceTypevuln.ResourceType (string)

    ResourceType represents the resource type

    Possible values: [container,image,host,istio,vm,function,registryImage]

    impactedResourcesCntinteger

    Number of resources impacted by this vulnerability.

    linkstring

    Link to CVE.

    riskFactors object

    RiskFactors maps the existence of vulnerability risk factors

    property name*string (string)
    riskScorefloat

    Risk score.

    statusstring

    CVE status.

  • ]
  • modifieddate-time

    Date/time when the entity was modified.

    registryImages object

    ResourceVulnerabilityStats holds vulnerability stats of a single resource type

    countinteger

    Count is the total number of vulnerabilities.

    cves object

    Distribution counts the number of vulnerabilities per type

    criticalinteger

    .

    highinteger

    .

    lowinteger

    .

    mediuminteger

    .

    totalinteger

    .

    impacted object

    Distribution counts the number of vulnerabilities per type

    criticalinteger

    .

    highinteger

    .

    lowinteger

    .

    mediuminteger

    .

    totalinteger

    .

    vulnerabilities object[]

    All resource vulnerabilities.

  • Array [
  • cvestring

    CVE ID.

    descriptionstring

    Vulnerability description.

    exploits object[]

    Exploits represents the exploits data found for a CVE

  • Array [
  • kindvulnerability.ExploitKind (string)

    ExploitKind represents the kind of the exploit

    Possible values: [poc,in-the-wild]

    linkstring

    Link is a link to information about the exploit.

    sourcevulnerability.ExploitType (string)

    ExploitType represents the source of an exploit

    Possible values: [,exploit-db,exploit-windows,cisa-kev]

  • ]
  • highestCVSSfloat

    HighestCVSS is the highest CVSS score of the vulnerability.

    highestRiskFactors object

    RiskScoreFactors holds factors used to calculate risk score

    envVarSecretsboolean

    EnvVarSecrets indicates whether a container has access to secrets via environment variables.

    hostAccessboolean

    HostAccess indicates whether a container has access to the host network or namespace.

    internetboolean

    Internet indicates whether a container has internet access.

    networkboolean

    Network indicates whether a container is listening to ports.

    noSecurityProfileboolean

    NoSecurityProfile indicates whether a container has security profile issue.

    privilegedContainerboolean

    PrivilegedContainer indicates whether a container runs using the --privileged flag.

    rootMountboolean

    RootMount indicates whether a container has access to the host file system using a root mount.

    rootPrivilegeboolean

    RootPrivilege indicates whether a container runs as root.

    runtimeSocketboolean

    RuntimeSocket indicates whether a container has the runtime socket mounted.

    highestSeveritystring

    HighestSeverity is the highest severity of the vulnerability.

    impactedPkgsstring (string)[]

    Packages impacted by the vulnerability.

    impactedResourceTypevuln.ResourceType (string)

    ResourceType represents the resource type

    Possible values: [container,image,host,istio,vm,function,registryImage]

    impactedResourcesCntinteger

    Number of resources impacted by this vulnerability.

    linkstring

    Link to CVE.

    riskFactors object

    RiskFactors maps the existence of vulnerability risk factors

    property name*string (string)
    riskScorefloat

    Risk score.

    statusstring

    CVE status.

  • ]
  • ]
curl -L -X POST 'https://pan.dev/api/v34.00/stats/vulnerabilities/refresh' \
-H 'Accept: application/json'
Request Collapse all
Parameters
— query
— query
— query
— query