Search vulnerabilities for scan

post

https://cloud.tenable.com/was/v2/scans/{scan_id}/vulnerabilities/search

Returns a list of vulnerabilities for the specified scan.

Requires the Basic [16] user role or the WAS.SCAN_WAS.READ custom role privilege. Additionally, requires the Can View [16] scan permission. See Roles and Permissions.

Path Params

scan_id

uuid

required

The UUID of the scan for which you want to view vulnerabilities.

Query Params

limit

int32

0 to 200

Defaults to 10

The number of records to retrieve. If this parameter is omitted, Tenable Web App Scanning uses the default value of 10. The minimum value is 0 and the maximum value is 200. If you need to retrieve more than 200 records, use the offset value to iterate through page responses.

offset

int32

≥ 0

Defaults to 0

The starting record to retrieve. If this parameter is omitted, Tenable Web App Scanning uses the default value of 0.

sort

string

The field you want to use to sort the results by along with the sort order. The field is specified first, followed by a colon, and the order is specified second (asc or desc). For example, name:desc would sort results by the name field in descending order.

If you specify multiple fields, the fields must be separated by commas. For example, name:desc,created_at:asc would first sort results by the name field in descending order and then by the created_at field in ascending order.

Body Params

field

string

The name of the field you want to filter on. You can list available vulnerability filters for the scan with the GET /was/v2/scans/{scan_id}/vulnerabilities/filters endpoint.

operator

string

The comparison operator to apply to the filter. You can find available comparison operators for the filter in the operators attribute of the objects returned by the GET /was/v2/scans/{scan_id}/vulnerabilities/filters endpoint.

value

string

The value to compare the given field to using the given operator. You can find valid values for the filter in the control attribute of the objects returned by the GET /was/v2/scans/{scan_id}/vulnerabilities/filters endpoint.

Headers

string

enum

Defaults to application/json

Generated from available response content types

Allowed:

Responses

200A list of scan vulnerabilities for the requested scan.

400Returned if your request specifies an invalid scan UUID.

403Returned if you do not have permissions for the scan. For more information, see Roles and Permissions.

429Returned if you attempt to send too many requests in a specific period of time. For more information, see Rate Limiting.