Download Impacted Resources Vulnerability (CVE) Stats
GET/api/v33.01/stats/vulnerabilities/impacted-resources/download
x-prisma-cloud-target-env: {"permission":"monitorVuln"}
Downloads a list of impacted resources for a specific vulnerability in a CSV format. This endpoint returns a list of all deployed images, registry images, hosts, and serverless functions affected by a given CVE.
You can use filters such as cvssThreshold
, severityThreshold
, or collections
as query parameters to get desired results.
Consider the following observations:
- You cannot use new filters such as severityThreshold and cvssThreshold with the collections filter or when you're assigned with specific collections or accounts.
- cvssThresold: Retrieves a list of vulnerabilities (CVEs) that matches the specified value of CVSS score or higher.
- severityThreshold: Retrieves a list of vulnerabilities (CVEs) that matches the specified value of the severity threshold or higher.
- collections: Retrieves a list of vulnerabilities (CVEs) that matches the specified collection name.
cURL Request
Refer to the following example cURL command that downloads a list of impacted resources for CVE-2015-0313
in a CSV format:
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X GET \
-o <FILE NAME> \
"https://<CONSOLE>/api/v<VERSION>/stats/vulnerabilities/impacted-resources/download?cve=CVE-2015-0313"
Request
Query Parameters
Offsets the result to a specific report count. Offset starts from 0.
Limit is the amount to fix.
Sorts the result using a key.
Sorts the result in reverse order.
CVE is used to as a pivot for the impacted resource search.
SeverityThreshold is the minimum severity indicating that all retrieved CVEs severities are greater than or equal to the threshold.
CVSSThreshold is the minimum CVSS score indicating that all retrieved CVEs CVSS scores are greater than or equal to the threshold.
Possible values: [container,image,host,istio,vm,function,registryImage
]
ResourceType is the single resource type to return vulnerability data for.
Agentless indicates whether to retrieve vulnerability data for agentless hosts/images.
Stopped indicates whether to retrieve vulnerability data for hosts that were not running during agentless scan.
Packages filter by impacted packages.
RiskFactors filter by CVE risk factors.
EnvRiskFactors filter by environmental risk factors.
Responses
- 200
- default
OK