# GetVulnerabilityById ## Parameters The following URL, Headers and Parameters are required for requests to this API endpoint. Where a parameter is optional, it will be indicated. Otherwise treat all parameters as mandatory. ### Headers ``` GET /api/ss/vulnerability/:id HTTP/1.1 Host: demo.attackforge.com X-SSAPI-KEY: APIKey Content-Type: application/json Connection: close ``` ### Query **id (string)** Identifier for the vulnerability. Example: ``` GET /api/ss/vulnerability/5e573d3ed1484a0c155f3732 HTTP/1.1 ``` **altCustomFields (*****boolean*****) (*****optional*****)** Returns custom fields and custom tags in alternative format. Example: ``` "vulnerability_custom_fields": { "fields": { "key": "value" }, "tags": { "key": "value" } } ``` Example: ``` GET /api/ss/vulnerability/5e573d3ed1484a0c155f3732?altCustomFields=true HTTP/1.1 ``` **pending (*****boolean*****) (*****optional*****)** Return pending vulnerability. Example: ``` GET /api/ss/vulnerability/5e573d3ed1484a0c155f3732?pending=true HTTP/1.1 ``` **asset\_cf\_key\_allowlist (string) (optional)** List of Asset custom field keys to include in response. Add multiple for more than one key e.g. `?asset_cf_key_allowlist=key1&asset_cf_key_allowlist=key2` or specify no keys to exclude all fields e.g. `?asset_cf_key_allowlist=` Example: ``` GET /api/ss/vulnerability/5e573d3ed1484a0c155f3732?asset_cf_key_allowlist=key1&asset_cf_key_allowlist=key2 HTTP/1.1 ``` **asset\_cf\_key\_blocklist (string) (optional)** List of Asset custom field keys to exclude from response. Add multiple for more than one key e.g. `?asset_cf_key_blocklist=key1&asset_cf_key_blocklist=key2` Example: ``` GET /api/ss/vulnerability/5e573d3ed1484a0c155f3732?asset_cf_key_blocklist=key1&asset_cf_key_blocklist=key2 HTTP/1.1 ``` **project\_cf\_key\_allowlist (string) (optional)** List of Project custom field keys to include in response. Add multiple for more than one key e.g. `?project_cf_key_allowlist=key1&project_cf_key_allowlist=key2` or specify no keys to exclude all fields e.g. `?project_cf_key_allowlist=` Example: ``` GET /api/ss/vulnerability/5e573d3ed1484a0c155f3732?project_cf_key_allowlist=key1&project_cf_key_allowlist=key2 HTTP/1.1 ``` **project\_cf\_key\_blocklist (string) (optional)** List of Project custom field keys to exclude from response. Add multiple for more than one key e.g. `?project_cf_key_blocklist=key1&project_cf_key_blocklist=key2` Example: ``` GET /api/ss/vulnerability/5e573d3ed1484a0c155f3732?project_cf_key_blocklist=key1&project_cf_key_blocklist=key2 HTTP/1.1 ``` **vulnerability\_cf\_key\_allowlist (string) (optional)** List of Vulnerability custom field keys to include in response. Add multiple for more than one key e.g. `?vulnerability_cf_key_allowlist=key1&vulnerability_cf_key_allowlist=key2` or specify no keys to exclude all fields e.g. `?vulnerability_cf_key_allowlist=` Example: ``` GET /api/ss/vulnerability/5e573d3ed1484a0c155f3732?vulnerability_cf_key_allowlist=key1&vulnerability_cf_key_allowlist=key2 HTTP/1.1 ``` **vulnerability\_cf\_key\_blocklist (string) (optional)** List of Vulnerability custom field keys to exclude from response. Add multiple for more than one key e.g. `?vulnerability_cf_key_blocklist=key1&vulnerability_cf_key_blocklist=key2` Example: ``` GET /api/ss/vulnerability/5e573d3ed1484a0c155f3732?vulnerability_cf_key_blocklist=key1&vulnerability_cf_key_blocklist=key2 HTTP/1.1 ``` **writeup\_cf\_key\_allowlist (string) (optional)** List of Writeup custom field keys to include in response. Add multiple for more than one key e.g. `?writeup_cf_key_allowlist=key1&writeup_cf_key_allowlist=key2` or specify no keys to exclude all fields e.g. `?writeup_cf_key_allowlist=` Example: ``` GET /api/ss/vulnerability/5e573d3ed1484a0c155f3732?writeup_cf_key_allowlist=key1&writeup_cf_key_allowlist=key2 HTTP/1.1 ``` **writeup\_cf\_key\_blocklist (string) (optional)** List of Writeup custom field keys to exclude from response. Add multiple for more than one key e.g. `?writeup_cf_key_blocklist=key1&writeup_cf_key_blocklist=key2` Example: ``` GET /api/ss/vulnerability/5e573d3ed1484a0c155f3732?writeup_cf_key_blocklist=key1&writeup_cf_key_blocklist=key2 HTTP/1.1 ``` ## Example The following example is a cURL request to get a vulnerability by its identifier (Id). ### Request Include API Token instead of stars in 'X-SSAPI-KEY: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*' parameter. ``` curl -X GET 'https://demo.attackforge.com/api/ss/vulnerability/5e573d3ed1484a0c155f3732' -H 'Host: demo.attackforge.com' -H 'X-SSAPI-KEY: ***************************************' -H 'Content-Type: application/json' -H 'Connection: close' ``` ### Response Response contains a vulnerability object. ``` { "vulnerability": { "vulnerability_id": "...", "vulnerability_library_id": "...", "vulnerability_alternate_id": "...", "vulnerability_created": "...", "vulnerability_modified": "...", "vulnerability_title": "...", "vulnerability_priority": "...", "vulnerability_cvssv3_vector": "...", "vulnerability_cvssv3_base_score": "...", "vulnerability_cvssv3_temporal_score": "...", "vulnerability_cvssv3_environmental_score": "...", "vulnerability_cvssv4_vector": "...", "vulnerability_cvssv4_score": "...", "vulnerability_status": "...", "vulnerability_status_updated": "...", "vulnerability_resolution_type": "...", "vulnerability_retest": "...", "vulnerability_likelihood_of_exploitation": 10, "vulnerability_steps_to_reproduce": "...", "vulnerability_steps_to_reproduce_HTML": "...", "vulnerability_tags": [ "..." ], "vulnerability_is_zeroday": "...", "vulnerability_notes": [ { "note": "...", "note_html": "...", "type": "PLAINTEXT/RICHTEXT" } ], "vulnerability_description": "...", "vulnerability_attack_scenario": "...", "vulnerability_remediation_recommendation": "...", "vulnerability_remediation_notes": [ { "id": "...", "note": "...", "note_html": "...", "created": "...", "created_by": "..." } ], "vulnerability_affected_asset_name": "...", "vulnerability_affected_asset_id": "...", "vulnerability_affected_asset_library_id": "...", "vulnerability_affected_asset_library_external_id": "...", "vulnerability_affected_assets": [ { "asset": { "id": "...", "name": "...", "library_id": "...", "library_external_id": "...", "custom_fields": [ { "key": "...", "value": "...", "type": "Field" } ], }, "notes": [ "..." ], "tags": [ "..." ], "actioned": true, "components": [ { "name": "...", "notes": [ "..." ], "actioned": true, "tags": [ "..." ] } ] } ], "vulnerability_projects" : [ { "code" : "...", "custom_fields" : [ { "key" : "...", "type" : "Field/Tag", "value" : "..." } ], "groups": [ { "id": "...", "name": "..." } ], "id" : "...", "name" : "..." } ], "vulnerability_discovered_by": "...", "vulnerability_evidence": [ { "file_name": "...", "file_name_custom": "...", "storage_name": "...", "file_type": "...", "file_size": 999, "file_size_kb": 99999 } ], "vulnerability_library_files": [ { "file_name": "...", "file_name_custom": "...", "storage_name": "...", "file_type": "...", "file_size": 999, "file_size_kb": 99999 } ], "vulnerability_custom_fields": [ { "key": "...", "value": "...", "type": "Tag/Field" } ], "vulnerability_library_custom_fields": [ { "key": "...", "value": "...", "type": "Tag/Field" } ], "vulnerability_affected_asset_custom_fields": [ { "key": "...", "value": "..." } ], "vulnerability_sla": "...", "vulnerability_release_date": "...", "vulnerability_target_remediation_date": "...", "vulnerability_user": { "user_id": "...", "first_name": "...", "last_name": "..." }, "vulnerability_testcases": ["..."] } } ```