Resolve Vulnerabilty Instances

Mark one or more instances of a vulnerability as resolved.
Rate limiting: 60 times per minute

Query Parameters

• customerid string required

  The customer ID to which the API call is directed

application/json

Request Body required

• ticketIdList string required

  A list of one or more ticket IDs for vulnerability instances being resolved. If you include the ticket IDs for multiple vulnerability instances, separate them by commas; for example: “ticketIdList”: [“vuln-1a4a72c2”, “vuln-1a4a72c3”, “vuln-1a4a72c4”] To retrieve a list of vulnerabilities and vulnerability instances, including their ticket IDs, use Get Vulnerabilities and refer to the zb_ticketid values.

• action string required

  The action employed to resolve the vulnerability instance. The following value must be either mitigate or ignore.

• reason string required

  The reason for resolving the vulnerability instance. The following value cannot contain any special characters.

• full_name string required

  The name of the vulnerability; for example, CVE-2018-18568

Responses

• 200
• 4XX
• 5XX

---

Successful Response

application/json

• Schema
• resolveSecurityAlertResponseExample

---

Schema

any

{
  "api": "/pub/v4.0/vulnerability/update",
  "ver": "v4.0",
  "updatedVulnerInstanceList": [
    {
      "newLevel": "Low"
    },
    {
      "newScore": 18
    },
    {
      "newAnomalyMap": {
        "application": 0.125,
        "payload": 0.125,
        "internal": 0.125,
        "external": 0.125,
        "protocol": 0.125
      }
    }
  ]
}

Client Error Response

application/json

• Schema
• Example (from schema)
• Bad Request
• Forbidden access
• Too many requests

---

Schema

• code string

  STATUS_CODE

• msg string

  GENERAL_MESSAGE

{
  "code": "string",
  "msg": "string"
}

{
  "code": 400,
  "msg": "Bad Request. This occurs when an HTTP request contains an invalid query string."
}

{
  "code": 403,
  "msg": "Forbidden access. Either the provided API key is invalid or it does not have the required RBAC permissions to run this API."
}

{
  "code": 429,
  "msg": "Too many requests. The number of requests for device details for a single device exceeded the rate limit of 180 queries per minute per tenant."
}

Server Error Response

application/json

• Schema
• Example (from schema)
• resolveSecurityAlertResponseExample

---

Schema

• code string

  STATUS_CODE

• msg string

  GENERAL_MESSAGE

{
  "code": "string",
  "msg": "string"
}

{
  "code": 500,
  "msg": "Internal server error. A unified status for API communication type errors."
}

Loading...