{"openapi":"3.0.0","info":{"title":"Vulnerability Engine Manager","version":"2.70.8"},"paths":{"/apistatus":{"get":{"summary":"Determine the health of the application","description":"Checks database availability and API response threshold time.","operationId":"getApiStatus","x-methodName":"getApiStatus","responses":{"200":{"description":"API is healthy"},"503":{"description":"Database is unavaiable"}}}},"/version":{"get":{"summary":"Get application version","description":"This endpoint will provide you with the application version. Use this endpoint to track application changes.\n","operationId":"getVersion","x-methodName":"getVersion","responses":{"200":{"description":"Application version.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/VersionOut"}}}}}}},"/business_risk":{"get":{"summary":"Access business risk values","description":"This endpoint helps you determine the numeric business risk for a given CVE. A business risk is a label you can set for a given CVE. Choose one of five business risk options ranging from 0-4, where 0 is not defined and 4 indicates a critical risk. You must call this endpoint to choose a numerical value before calling the *PATCH/cves/business_risk* endpoint.\n","operationId":"getBusinessRiskList","x-methodName":"getBusinessRiskList","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"List of business risk/business_risk_id pairs.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/BusinessRiskListOut"}}}}}}},"/cves/{cve_id}":{"get":{"summary":"Get CVE details","description":"This endpoint returns the CVE identification number, description, scores and other metadata. The metadata includes the description, CVSS 2/3 Score, CVSS 2/3 attack vector, severity, public date, modified date, business risk, status, a URL to Red Hat web pages, a list of advisories remediating the CVE, and information regarding known exploits for the CVE.\n","operationId":"getCveDetails","x-methodName":"getCveDetails","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"CVE details","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/CveDetailOut"}}}},"404":{"description":"Given CVE does not exist.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/Errors"}}}}},"parameters":[{"$ref":"#/components/parameters/cve_id"},{"$ref":"#/components/parameters/advisory_available"}]}},"/cves/{cve_id}/affected_systems":{"get":{"summary":"Determine affected systems for a given CVE","description":"This is a report of affected systems for a given CVE. Use this request to obtain server identification numbers of all affected servers along with last check-in, system name and more.\n","operationId":"getAffectedSystemsByCve","x-methodName":"getAffectedSystemsByCve","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"Report of affected systems for a given CVE.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/AffectedSystemsOut"}}}},"404":{"description":"Given CVE does not exist.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/Errors"}}}}},"parameters":[{"$ref":"#/components/parameters/filter"},{"$ref":"#/components/parameters/limit"},{"$ref":"#/components/parameters/offset"},{"$ref":"#/components/parameters/page"},{"$ref":"#/components/parameters/page_size"},{"$ref":"#/components/parameters/sort"},{"$ref":"#/components/parameters/cve_id"},{"$ref":"#/components/parameters/status_id"},{"$ref":"#/components/parameters/data_format"},{"$ref":"#/components/parameters/uuid"},{"$ref":"#/components/parameters/rule_key_deprecated"},{"$ref":"#/components/parameters/rule_presence_deprecated"},{"$ref":"#/components/parameters/rule"},{"$ref":"#/components/parameters/tags"},{"$ref":"#/components/parameters/sap_sids"},{"$ref":"#/components/parameters/sap_system"},{"$ref":"#/components/parameters/show_advisories"},{"$ref":"#/components/parameters/advisory"},{"$ref":"#/components/parameters/rhel_version"},{"$ref":"#/components/parameters/first_reported_from"},{"$ref":"#/components/parameters/first_reported_to"},{"$ref":"#/components/parameters/advisory_available"},{"$ref":"#/components/parameters/remediation"},{"$ref":"#/components/parameters/report"},{"$ref":"#/components/parameters/ansible"},{"$ref":"#/components/parameters/mssql"},{"$ref":"#/components/parameters/group_names"},{"$ref":"#/components/parameters/group_ids"},{"$ref":"#/components/parameters/host_type"}]}},"/cves/{cve_id}/affected_systems/ids":{"get":{"summary":"Get identification numbers of affected systems for a given CVE","description":"This is a report of identification numbers of affected systems for a given CVE. Use this request to obtain server identification numbers of all affected systems.\n","operationId":"getAffectedSystemsIdsByCve","x-methodName":"getAffectedSystemsIdsByCve","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"Report of IDs of affected systems for a given CVE.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/AffectedSystemsIdsOut"}}}},"404":{"description":"Given CVE does not exist.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/Errors"}}}}},"parameters":[{"$ref":"#/components/parameters/filter"},{"$ref":"#/components/parameters/limit"},{"$ref":"#/components/parameters/offset"},{"$ref":"#/components/parameters/page"},{"$ref":"#/components/parameters/page_size"},{"$ref":"#/components/parameters/sort"},{"$ref":"#/components/parameters/cve_id"},{"$ref":"#/components/parameters/status_id"},{"$ref":"#/components/parameters/data_format"},{"$ref":"#/components/parameters/uuid"},{"$ref":"#/components/parameters/rule_key_deprecated"},{"$ref":"#/components/parameters/rule_presence_deprecated"},{"$ref":"#/components/parameters/rule"},{"$ref":"#/components/parameters/tags"},{"$ref":"#/components/parameters/sap_sids"},{"$ref":"#/components/parameters/sap_system"},{"$ref":"#/components/parameters/show_advisories"},{"$ref":"#/components/parameters/advisory"},{"$ref":"#/components/parameters/rhel_version"},{"$ref":"#/components/parameters/first_reported_from"},{"$ref":"#/components/parameters/first_reported_to"},{"$ref":"#/components/parameters/advisory_available"},{"$ref":"#/components/parameters/remediation"},{"$ref":"#/components/parameters/ansible"},{"$ref":"#/components/parameters/mssql"},{"$ref":"#/components/parameters/group_names"},{"$ref":"#/components/parameters/group_ids"},{"$ref":"#/components/parameters/host_type"}]}},"/cves/business_risk":{"patch":{"summary":"Set business risk for a CVE","description":"This sets a business risk for a specific CVE. Set a value of low, medium, high or critical for a given CVE. These values are obtained by the business risk path *GET/business_risk*. To set a business risk, you must call the GET/business_risk endpoint first, followed by the *PATCH/cves/business_risk* path.\n","operationId":"setCveBusinessRisk","x-methodName":"setCveBusinessRisk","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"requestBody":{"description":"Values to be set. At least one of the \"business_risk_id\" or \"business_risk_text\" parameters is required.","required":true,"content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/CveRiskIn","x-body-name":"data"}}}},"responses":{"200":{"description":"Business risk successfully updated.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/BulkChangeOut"}}}},"404":{"description":"Given CVE does not exist.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/Errors"}}}},"503":{"description":"Service is running in read-only mode.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/Errors"}}}}}}},"/cves/status":{"patch":{"summary":"Set status for a CVE","description":"This sets the status for a specific CVE. Set a status value for a given CVE (e.g. in-review, on-hold, scheduled for a patch, or resolved). These values are obtained by sending a *GET/status* request. To set a status, you must call the *GET/business_risk* first, followed by the *PATCH/cves/status* path.\n","operationId":"setCveStatus","x-methodName":"setCveStatus","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"requestBody":{"description":"Values to be set. At least one of the \"status_id\" or \"status_text\" parameters is required.","required":true,"content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/CveStatusIn","x-body-name":"data"}}}},"responses":{"200":{"description":"Status successfully updated.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/BulkChangeOut"}}}},"404":{"description":"Given CVE does not exist.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/Errors"}}}},"503":{"description":"Service is running in read-only mode.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/Errors"}}}}}}},"/dashboard":{"get":{"summary":"Get a macro level overview of aggregated vulnerabilities","description":"These are aggregations summarizing your account such as number of unique CVEs, list of security rules, CVEs by severity, and more. Use this endpoint to obtain a snapshot of all the CVES and details about their prevalence and severity.\n","operationId":"getDashboard","x-methodName":"getDashboard","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"Dashboard.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/Dashboard"}}}}},"parameters":[{"$ref":"#/components/parameters/tags"},{"$ref":"#/components/parameters/sap_sids"},{"$ref":"#/components/parameters/sap_system"},{"$ref":"#/components/parameters/ansible"},{"$ref":"#/components/parameters/mssql"}]}},"/playbooks/templates/{rule_id}":{"get":{"summary":"Get an Ansible Playbook template for CVEs with security rules","description":"This returns an Ansible playbook template for a given rule identification number. Use this endpoint to return an Ansible playbook template for a given rule error key. The template is used to remediate issues on your system.\n","operationId":"getPlaybookTemplate","x-methodName":"getPlaybookTemplate","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"Playbook template response","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/PlaybookTemplate"}}}},"404":{"description":"Given rule id does not exist.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/Errors"}}}}},"parameters":[{"in":"path","name":"rule_id","description":"Insights security rule ID.","required":true,"schema":{"type":"string"},"example":"CVE_2017_8779_rpc|CVE_2017_8779_WARN"}]}},"/report/executive":{"get":{"summary":"Generate an executive report","description":"This returns an overview of vulnerabilities affecting a given account. Use this request when you need to download a high-level, executive report summarizing the security exposure of your infrastructure. These reports are designed for an executive audience and include data such as the number of RHEL systems analyzed, the number of security rules in your infrastructure, percentage of CVEs with a certain severity and more.\n","operationId":"getExecutiveReport","x-methodName":"getExecutiveReport","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"Executive report.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/ExecutiveReport"}}}}}}},"/report/os":{"get":{"summary":"Generate CVE exposure report by RHEL version","description":"List RHEL versions and number of CVEs exposing each of these versions. Each RHEL version represents system with base and core group packages installed.\n","operationId":"getOSExposure","x-methodName":"getOSExposure","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"RHEL version CVE exposure list","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/OSExposureReport"}}}}},"parameters":[{"$ref":"#/components/parameters/data_format"}]}},"/status":{"get":{"summary":"Access available status values","description":"This endpoint returns a list of possible values for setting status for a CVE or system-CVE pair. Call this api when you want to know which values are available for setting a status. A list of numbers will be returned. You must call this endpoint before calling the *PATCH/cves/status* endpoint.\n","operationId":"getStatusList","x-methodName":"getStatusList","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"List of status/status_id pairs.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/StatusListOut"}}}}}},"patch":{"summary":"Set status for system vulnerabilities","description":"This endpoint sets status for given systems and CVEs. Use this endpoint when you need to set a status value for system-CVE pairs.\n","operationId":"setStatus","x-methodName":"setStatus","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"requestBody":{"description":"Values to be set.","required":true,"content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/StatusIn","x-body-name":"data"}}}},"responses":{"200":{"description":"Status successfully updated.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/StatusOut"}}}},"404":{"description":"Given host/CVE does not exist.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/Errors"}}}},"503":{"description":"Service is running in read-only mode.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/Errors"}}}}}}},"/systems":{"get":{"summary":"List systems","description":"List systems that are accessible when you are logged into your account. Use this endpoint to view basic system attributes such as display name and system type.\n","operationId":"getSystemsList","x-methodName":"getSystemsList","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"System list","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/SystemListOut"}}}}},"parameters":[{"$ref":"#/components/parameters/filter"},{"$ref":"#/components/parameters/limit"},{"$ref":"#/components/parameters/offset"},{"$ref":"#/components/parameters/page"},{"$ref":"#/components/parameters/page_size"},{"$ref":"#/components/parameters/sort"},{"$ref":"#/components/parameters/data_format"},{"$ref":"#/components/parameters/stale"},{"$ref":"#/components/parameters/uuid"},{"$ref":"#/components/parameters/tags"},{"$ref":"#/components/parameters/sap_sids"},{"$ref":"#/components/parameters/sap_system"},{"$ref":"#/components/parameters/excluded"},{"$ref":"#/components/parameters/rhel_version"},{"$ref":"#/components/parameters/report"},{"$ref":"#/components/parameters/ansible"},{"$ref":"#/components/parameters/mssql"},{"$ref":"#/components/parameters/group_names"},{"$ref":"#/components/parameters/group_ids"},{"$ref":"#/components/parameters/host_type"}]}},"/systems/ids":{"get":{"summary":"List systems identification numbers along with opt out state","description":"This lists systems including those that have opted out of the current query. Use this when you do not want to see a registered system or systems in your reports.\n","operationId":"getSystemsIds","x-methodName":"getSystemsIds","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"System list","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/SystemIdsOut"}}}}},"parameters":[{"$ref":"#/components/parameters/filter"},{"$ref":"#/components/parameters/limit"},{"$ref":"#/components/parameters/offset"},{"$ref":"#/components/parameters/page"},{"$ref":"#/components/parameters/page_size"},{"$ref":"#/components/parameters/sort"},{"$ref":"#/components/parameters/data_format"},{"$ref":"#/components/parameters/stale"},{"$ref":"#/components/parameters/uuid"},{"$ref":"#/components/parameters/tags"},{"$ref":"#/components/parameters/sap_sids"},{"$ref":"#/components/parameters/sap_system"},{"$ref":"#/components/parameters/excluded"},{"$ref":"#/components/parameters/rhel_version"},{"$ref":"#/components/parameters/ansible"},{"$ref":"#/components/parameters/mssql"},{"$ref":"#/components/parameters/group_names"},{"$ref":"#/components/parameters/group_ids"},{"$ref":"#/components/parameters/host_type"}]}},"/systems/{inventory_id}":{"get":{"summary":"Get system details","description":"This allows you to get information about systems related to an inventory identification number. This includes details such as operating system, inventory tags, last update, opt-out status, and more.\n","operationId":"getSystemDetails","x-methodName":"getSystemDetails","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"System details","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/SystemDetailsOut"}}}},"404":{"description":"System has not been found in the database.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/Errors"}}}}},"parameters":[{"$ref":"#/components/parameters/inventory_id"},{"$ref":"#/components/parameters/tags"}]}},"/systems/{inventory_id}/cves":{"get":{"summary":"Get a CVE report for a system","description":"This endpoint displays detailed information about all CVEs for which a system is exposed. Use this endpoint to discover which CVEs are affecting a given system. CVE metadata is included.\n","operationId":"getCveListBySystem","x-methodName":"getCveListBySystem","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"CVE report.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/SystemCvesOut"}}}},"404":{"description":"System has not been found in the database.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/Errors"}}}}},"parameters":[{"$ref":"#/components/parameters/inventory_id"},{"$ref":"#/components/parameters/cve_filter"},{"$ref":"#/components/parameters/limit"},{"$ref":"#/components/parameters/offset"},{"$ref":"#/components/parameters/page"},{"$ref":"#/components/parameters/page_size"},{"$ref":"#/components/parameters/cve_sort"},{"$ref":"#/components/parameters/cvss_from"},{"$ref":"#/components/parameters/cvss_to"},{"$ref":"#/components/parameters/public_from"},{"$ref":"#/components/parameters/public_to"},{"$ref":"#/components/parameters/impact"},{"$ref":"#/components/parameters/status_id"},{"$ref":"#/components/parameters/data_format"},{"$ref":"#/components/parameters/business_risk_id"},{"$ref":"#/components/parameters/rule_presence"},{"$ref":"#/components/parameters/show_advisories"},{"$ref":"#/components/parameters/advisory"},{"$ref":"#/components/parameters/rule_key"},{"$ref":"#/components/parameters/known_exploit"},{"$ref":"#/components/parameters/first_reported_from"},{"$ref":"#/components/parameters/first_reported_to"},{"$ref":"#/components/parameters/advisory_available"},{"$ref":"#/components/parameters/remediation"},{"$ref":"#/components/parameters/report"},{"$ref":"#/components/parameters/tags"}]}},"/systems/{inventory_id}/cves/ids":{"get":{"summary":"Get a CVE identification number report for a system","description":"This endpoint displays identification numbers of all CVEs for which a system is exposed. Use this endpoint to learn which CVEs are affecting a given system.\n","operationId":"getCveIdsBySystem","x-methodName":"getCveIdsBySystem","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"CVE Ids report.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/SystemCvesIdsOut"}}}},"404":{"description":"System has not been found in the database.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/Errors"}}}}},"parameters":[{"$ref":"#/components/parameters/inventory_id"},{"$ref":"#/components/parameters/cve_filter"},{"$ref":"#/components/parameters/limit"},{"$ref":"#/components/parameters/offset"},{"$ref":"#/components/parameters/page"},{"$ref":"#/components/parameters/page_size"},{"$ref":"#/components/parameters/cve_sort"},{"$ref":"#/components/parameters/cvss_from"},{"$ref":"#/components/parameters/cvss_to"},{"$ref":"#/components/parameters/public_from"},{"$ref":"#/components/parameters/public_to"},{"$ref":"#/components/parameters/impact"},{"$ref":"#/components/parameters/status_id"},{"$ref":"#/components/parameters/data_format"},{"$ref":"#/components/parameters/business_risk_id"},{"$ref":"#/components/parameters/rule_presence"},{"$ref":"#/components/parameters/show_advisories"},{"$ref":"#/components/parameters/advisory"},{"$ref":"#/components/parameters/rule_key"},{"$ref":"#/components/parameters/known_exploit"},{"$ref":"#/components/parameters/first_reported_from"},{"$ref":"#/components/parameters/first_reported_to"},{"$ref":"#/components/parameters/advisory_available"},{"$ref":"#/components/parameters/remediation"},{"$ref":"#/components/parameters/tags"}]}},"/systems/opt_out":{"patch":{"summary":"Opt a system in or out of the vulnerability service","description":"Opt a specific system in or out of vulnerability analysis. Use this when you want to use other Insights services but do not want to see specific systems in vulnerability reports. This allows you to hide select systems.\n","operationId":"setSystemsOptOut","x-methodName":"setSystemsOptOut","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"requestBody":{"description":"Values to be set.","required":true,"content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/OptOutIn","x-body-name":"data"}}}},"responses":{"200":{"description":"System(s) setting has been updated.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/BulkChangeOut"}}}},"503":{"description":"Service is running in read-only mode.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/Errors"}}}}}}},"/vulnerabilities/cves":{"get":{"summary":"Get a vulnerabilities overview","description":"This provides an overview of vulnerabilities across your entire system inventory. Use this endpoint to get an overview of which CVEs are affecting your account, including some CVE metadata, how many systems are affected by each CVE, and more.\n","operationId":"getCveList","x-methodName":"getCveList","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"Vulnerabilities overview.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/VulnerabilitiesOut"}}}}},"parameters":[{"$ref":"#/components/parameters/cve_filter"},{"$ref":"#/components/parameters/limit"},{"$ref":"#/components/parameters/offset"},{"$ref":"#/components/parameters/page"},{"$ref":"#/components/parameters/page_size"},{"$ref":"#/components/parameters/cve_sort"},{"$ref":"#/components/parameters/cvss_from"},{"$ref":"#/components/parameters/cvss_to"},{"$ref":"#/components/parameters/public_from"},{"$ref":"#/components/parameters/public_to"},{"$ref":"#/components/parameters/impact"},{"$ref":"#/components/parameters/data_format"},{"$ref":"#/components/parameters/business_risk_id"},{"$ref":"#/components/parameters/status_id"},{"$ref":"#/components/parameters/rule_presence"},{"$ref":"#/components/parameters/tags"},{"$ref":"#/components/parameters/sap_sids"},{"$ref":"#/components/parameters/sap_system"},{"$ref":"#/components/parameters/known_exploit"},{"$ref":"#/components/parameters/affecting"},{"$ref":"#/components/parameters/rhel_version"},{"$ref":"#/components/parameters/report"},{"$ref":"#/components/parameters/advanced_report"},{"$ref":"#/components/parameters/ansible"},{"$ref":"#/components/parameters/mssql"},{"$ref":"#/components/parameters/advisory_available"},{"$ref":"#/components/parameters/group_names"},{"$ref":"#/components/parameters/group_ids"},{"$ref":"#/components/parameters/affecting_host_type"}]},"post":{"summary":"Send a vulnerabilities overview","description":"This is an overview of vulnerabilities for specific CVEs provided in the body. Use this endpoint to get a CVSS score, and learn the severity for a list of CVEs provided in the request.\n","operationId":"getCveList","x-methodName":"getCveList","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"requestBody":{"description":"List of CVEs to provide info about.","required":true,"content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/VulnerabilitiesPostIn","x-body-name":"data"}}}},"responses":{"200":{"description":"Vulnerabilities overview.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/VulnerabilitiesPostOut"}}}}},"parameters":[{"$ref":"#/components/parameters/cve_filter"},{"$ref":"#/components/parameters/limit"},{"$ref":"#/components/parameters/offset"},{"$ref":"#/components/parameters/page"},{"$ref":"#/components/parameters/page_size"},{"$ref":"#/components/parameters/sort"}]}},"/vulnerabilities/cves/ids":{"get":{"summary":"Get an overview of Vulnerabilities' identification numbers","description":"This is an overview of vulnerabilities identification numbers across your entire system inventory. Use this endpoint to get an overview of which CVEs are affecting your account.\n","operationId":"getCveIdsList","x-methodName":"getCveIdsList","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"Vulnerabilities IDs overview.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/VulnerabilitiesIdsOut"}}}}},"parameters":[{"$ref":"#/components/parameters/cve_filter"},{"$ref":"#/components/parameters/limit"},{"$ref":"#/components/parameters/offset"},{"$ref":"#/components/parameters/page"},{"$ref":"#/components/parameters/page_size"},{"$ref":"#/components/parameters/cve_sort"},{"$ref":"#/components/parameters/cvss_from"},{"$ref":"#/components/parameters/cvss_to"},{"$ref":"#/components/parameters/public_from"},{"$ref":"#/components/parameters/public_to"},{"$ref":"#/components/parameters/impact"},{"$ref":"#/components/parameters/data_format"},{"$ref":"#/components/parameters/business_risk_id"},{"$ref":"#/components/parameters/status_id"},{"$ref":"#/components/parameters/rule_presence"},{"$ref":"#/components/parameters/tags"},{"$ref":"#/components/parameters/sap_sids"},{"$ref":"#/components/parameters/sap_system"},{"$ref":"#/components/parameters/known_exploit"},{"$ref":"#/components/parameters/affecting"},{"$ref":"#/components/parameters/rhel_version"},{"$ref":"#/components/parameters/ansible"},{"$ref":"#/components/parameters/mssql"},{"$ref":"#/components/parameters/advisory_available"}]}},"/announcement":{"get":{"summary":"Announce important updates","description":"This endpoint provides vulnerability service announcements. Remain informed about important alerts for the vulnerability service. Announcements are issued by Insights Product Managers and other subject matter experts.\n","operationId":"getAnnouncement","x-methodName":"getAnnouncement","responses":{"200":{"description":"Announcement.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/AnnouncementOut"}}}}}}},"/dashbar":{"get":{"summary":"Get aggregations for the dashbar","description":"These are aggregations summarizing your account such as number of unique CVEs, list of security rules, CVEs by severity and more. Use this endpoint to obtain a snapshot of all the CVES and details about their prevalence, severity and other details.\n","operationId":"getDashbar","x-methodName":"getDashbar","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"Dashbar aggregations.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/DashbarOut"}}}}},"parameters":[{"$ref":"#/components/parameters/tags"},{"$ref":"#/components/parameters/sap_sids"},{"$ref":"#/components/parameters/sap_system"},{"$ref":"#/components/parameters/ansible"},{"$ref":"#/components/parameters/mssql"}]}},"/feature/cves_without_errata":{"patch":{"summary":"Set a feature flag for CVEs without errata","description":"Use this endpoint to enable/disable reporting CVEs that do not have advisories (errata) for your customer account. If the feature is disabled, CVEs without advisories will be hidden in outputs of all endpoints.\n","operationId":"setCvesWithoutErrata","x-methodName":"setCvesWithoutErrata","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"requestBody":{"description":"Values to be set.","required":true,"content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/CvesWithoutErrataIn","x-body-name":"data"}}}},"responses":{"200":{"description":"CVEs without Errata feature successfully updated.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/CvesWithoutErrataOut"}}}}}}},"/notifications":{"delete":{"summary":"Delete already sent notifications for CVEs","description":"Use this endpoint for restarting your already obtained notifications for CVEs.\n","operationId":"deleteNotifications","x-methodName":"deleteNotifications","security":[{"ApiKeyAuth":[]},{"BasicAuth":[]}],"responses":{"200":{"description":"Sent notifications deleted.","content":{"application/vnd.api+json":{"schema":{"$ref":"#/components/schemas/NotificationsOut"}}}},"403":{"description":"Non-existing account."}}}}},"components":{"parameters":{"filter":{"in":"query","name":"filter","description":"Full text filter for the display name of system.","schema":{"type":"string"},"example":"INV-ID-1234"},"cve_filter":{"in":"query","name":"filter","description":"Full text filter for CVE and it's description text.","schema":{"type":"string"},"example":"CVE-2017"},"limit":{"in":"query","name":"limit","description":"Maximum number of records per page. Limit/Offset pagination wins over page/page_size pagination.","schema":{"type":"integer","maximum":9007199254740991,"minimum":1},"example":25},"offset":{"in":"query","name":"offset","description":"Offset of first record of paginated response. Limit/Offset pagination wins over page/page_size pagination.","schema":{"type":"integer","maximum":9007199254740991,"minimum":0},"example":1},"page":{"in":"query","name":"page","description":"Page number of paginated response. Limit/Offset pagination wins over page/page_size pagination.","schema":{"type":"integer","maximum":9007199254740991,"minimum":1},"example":1},"page_size":{"in":"query","name":"page_size","description":"Page size of paginated response. Limit/Offset pagination wins over page/page_size pagination.","schema":{"type":"integer","maximum":9007199254740991,"minimum":1},"example":25},"sort":{"in":"query","name":"sort","description":"Sorting used for response.","schema":{"type":"string"},"example":"-inventory_id"},"cve_sort":{"in":"query","name":"sort","description":"Sorting used for response.","schema":{"type":"string"},"example":"-synopsis"},"inventory_id":{"in":"path","name":"inventory_id","description":"Inventory ID.","required":true,"schema":{"type":"string","format":"uuid"},"example":"INV-ID-0000-1234"},"cve_id":{"in":"path","name":"cve_id","description":"CVE id.","required":true,"schema":{"type":"string"},"example":"CVE-2016-0800"},"public_from":{"in":"query","name":"public_from","description":"Filter CVEs based on their published date, starting from the date.","schema":{"type":"string"},"example":"2017-09-18T00:00:00+00:00"},"public_to":{"in":"query","name":"public_to","description":"Filter CVEs based on their published date, up to the date.","schema":{"type":"string"},"example":"2017-09-18T00:00:00+00:00"},"cvss_from":{"in":"query","name":"cvss_from","description":"Filter based on cvss score, starting from the value. Use -1 to include also CVEs with N/A cvss score.","schema":{"type":"number"},"example":4.6},"cvss_to":{"in":"query","name":"cvss_to","description":"Filter based on cvss score, up to the value.","schema":{"type":"number"},"example":7.2},"impact":{"in":"query","name":"impact","description":"Filter based on impact IDs.","schema":{"type":"string"},"example":"5,7"},"status_id":{"in":"query","name":"status_id","description":"Filer based on CVE status ID.","schema":{"type":"string","example":"1,4"}},"business_risk_id":{"in":"query","name":"business_risk_id","description":"Filter based on business risk IDs.","schema":{"type":"string","example":"1,3"}},"data_format":{"in":"query","name":"data_format","description":"Format of the output data, either JSON (default) or CSV.","schema":{"type":"string","example":"json"}},"account_id":{"in":"path","name":"account_id","description":"Account ID of user.","required":true,"schema":{"type":"string"},"example":"123456"},"stale":{"in":"query","name":"stale","description":"If set to true, shows stale systems. If not set defaults to false.","schema":{"type":"boolean"}},"rule_presence":{"in":"query","name":"rule_presence","description":"Comma seprated string with bools. If true shows only CVEs with security rule associated, if false shows CVEs without rules. true, false shows all.","schema":{"type":"array","items":{"type":"boolean"},"maxItems":2},"example":"true,false"},"rule_presence_deprecated":{"in":"query","name":"rule_presence","description":"Comma seprated string with bools. If true shows only CVEs with security rule associated, if false shows CVEs without rules. true, false shows all.","schema":{"type":"array","items":{"type":"boolean"},"maxItems":2},"deprecated":true,"example":"true,false"},"rule_key":{"in":"query","name":"rule_key","description":"Filters security rules by its error key.","schema":{"type":"array","items":{"type":"string"}},"example":"CVE_2018_3639_cpu_kernel|CVE_2018_3639_CPU_BAD_MICROCODE_2,CVE_2018_12207_cpu_kernel|CVE_2018_12207_CPU_KERNEL_FOR_SURE"},"rule_key_deprecated":{"in":"query","name":"rule_key","description":"Filters security rules by its error key.","schema":{"type":"array","items":{"type":"string"}},"deprecated":true,"example":"CVE_2018_3639_cpu_kernel|CVE_2018_3639_CPU_BAD_MICROCODE_2,CVE_2018_12207_cpu_kernel|CVE_2018_12207_CPU_KERNEL_FOR_SURE"},"rule":{"in":"query","name":"rule","description":"Filters CVEs or systems by security rule, has two functionalities. If value is false, shows results without security rules, every other value is taken as rule error key.","schema":{"type":"array","items":{"type":"string","minLength":1}},"example":"CVE_2018_3639_cpu_kernel|CVE_2018_3639_CPU_BAD_MICROCODE_2,CVE_2018_12207_cpu_kernel|CVE_2018_12207_CPU_KERNEL_FOR_SURE"},"uuid":{"in":"query","name":"uuid","description":"Filter based on UUID of inventory.","schema":{"type":"string"},"example":"2ee58c62-809f-11ea-bc55-0242ac130003"},"tags":{"in":"query","name":"tags","description":"Filter based on hosts tags. Tags needs to be in query format, that means <namespace>/<key>=<value> or <namespace>/<key> if value is null. Characters '/', '=' in tag values needs to be escaped by url encoding.","schema":{"type":"array","items":{"type":"string","pattern":"^([^=/]+\\/){1}([^=/])+(=[^=/]+)?$"}},"example":"vulnerability/usage=server"},"sap_system":{"in":"query","name":"sap_system","description":"Boolean value which shows systems managed by SAP.","schema":{"type":"boolean"},"example":false},"known_exploit":{"in":"query","name":"known_exploit","description":"String of booleans (array of booleans), where true shows CVEs with known exploits, false shows CVEs without known exploits.","schema":{"type":"array","items":{"type":"boolean"},"maxItems":2},"example":"true,false"},"sap_sids":{"in":"query","name":"sap_sids","description":"List of SAP IDs to filter with","schema":{"type":"array","items":{"type":"string"}},"example":"ABC,CDE"},"show_advisories":{"in":"query","name":"show_advisories","description":"If true shows advisories list","schema":{"type":"boolean"},"example":false},"advisory":{"in":"query","name":"advisory","description":"Filter by advisory name, works only with show_advisories=true","schema":{"type":"string"},"example":"RHSA-2019:1481"},"affecting":{"in":"query","name":"affecting","description":"Comma seprated string with bools (array of bools). True value controls displaying CVEs with at least one system affected. False value toggles CVEs with no systems affected. Defaults to showing only CVEs with at least one system affected.","schema":{"type":"array","items":{"type":"boolean"},"maxItems":2},"example":"true,false"},"affecting_host_type":{"in":"query","name":"affecting_host_type","description":"Controls, whenever CVE has 1 or more affecting systems. Value \"image\" returns CVEs with one or more vulnerable image-mode systems, value \"rpmdnf\" returns CVEs with one or more vulnerable conventional systems. Value \"none\" returns CVEs not affecting systems of any kind.","schema":{"type":"array","items":{"type":"string","enum":["rpmdnf","image","edge","none"]},"maxItems":3},"example":"image,none"},"excluded":{"in":"query","name":"excluded","description":"Comma seprated string with bools (array of bools). True boolean value displays systems which are excluded. False value displays systems excluded from vulnerability analysis. Defaults to showing only those systems which are not excluded.","schema":{"type":"array","items":{"type":"boolean"},"maxItems":2},"example":"true,false"},"rhel_version":{"in":"query","name":"rhel_version","description":"Filters results by RHEL OS version. Automatically flters out systems which are not RHEL or have uknown OS.","required":false,"schema":{"type":"string","description":"List of RHEL versions. E.g. 7,8.1 will filter out everything which is not RHEL 7.x or RHEL 8.1"}},"first_reported_from":{"in":"query","name":"first_reported_from","description":"Filter for CVEs/Systems where the vulnerability appeared after given date.","required":false,"schema":{"type":"string","description":"Datetime string"},"example":"2017-09-18T00:00:00+00:00"},"first_reported_to":{"in":"query","name":"first_reported_to","description":"Filter for CVEs/Systems where the vulnerability appeared before given date.","required":false,"schema":{"type":"string","description":"Datetime string"},"example":"2017-09-18T00:00:00+00:00"},"advisory_available":{"in":"query","name":"advisory_available","description":"String of booleans (array of booleans), where true shows CVE-system pairs with available advisory, false shows CVE-system pairs without available advisory.","schema":{"type":"array","items":{"type":"boolean"},"maxItems":2},"example":"true,false"},"remediation":{"in":"query","name":"remediation","description":"Filer based on available remediation type id.","schema":{"type":"string","example":1}},"report":{"in":"query","name":"report","description":"Needs to be used when endpoint data is used for report generation, checks RBAC permission for report and export feature.","required":false,"schema":{"type":"boolean"},"example":false},"advanced_report":{"in":"query","name":"advanced_report","description":"Needs to be used when endpoint data is used for Report by CVEs feature, checks RBAC permission for advanced report.","schema":{"type":"boolean"},"example":false},"ansible":{"in":"query","name":"ansible","description":"Boolean value which shows systems managed by Ansible Automation Platform.","schema":{"type":"boolean"},"example":false},"mssql":{"in":"query","name":"mssql","description":"Boolean value which shows systems managed by MSSQL.","schema":{"type":"boolean"},"example":false},"group_names":{"in":"query","name":"group_names","description":"Names of the inventory groups.","schema":{"type":"array","items":{"type":"string"}},"example":"Production,Stage"},"group_ids":{"in":"query","name":"group_ids","description":"IDs of the inventory groups.","schema":{"type":"array","items":{"type":"string"}},"example":"00000000-1111-0000-0000-000000000000,00000000-2222-0000-0000-000000000000"},"host_type":{"in":"query","name":"host_type","description":"For filtering out the systems based on their type. Value \"rpmdnf\" for RPMDNF systems, \"image\" for image-mode systems.","schema":{"type":"array","items":{"type":"string","enum":["rpmdnf","image","edge"]},"maxItems":2}}},"securitySchemes":{"BasicAuth":{"type":"http","scheme":"basic","description":"Username and password login.","x-basicInfoFunc":"manager.base.basic_auth"},"ApiKeyAuth":{"type":"apiKey","in":"header","name":"x-rh-identity","description":"Identity header provided by 3scale (for non-prod testing only).","x-apikeyInfoFunc":"manager.base.auth"}},"schemas":{"Errors":{"type":"object","properties":{"errors":{"type":"array","items":{"type":"object","properties":{"detail":{"oneOf":[{"type":"string","description":"Error detail.","example":"Record not found."},{"type":"object","description":"Returned with RBAC (user permissions) related issue","properties":{"msg":{"type":"string","description":"Error detail related to RBAC problem"},"permissions":{"type":"array","items":{"type":"string"},"description":"Array with RBAC permissions of user"}}}]},"status":{"type":"string","description":"String representation of HTTP status code.","example":404}},"required":["detail","status"]},"minItems":1}},"required":["errors"]},"Links":{"type":"object","properties":{"first":{"type":"string","description":"Link to first page.","example":"/api?offset=0&limit=1"},"last":{"type":"string","description":"Link to last page.","example":"/api?offset=7&limit=1"},"next":{"type":"string","description":"Link to next page.","example":"/api?offset=5&limit=1","nullable":true},"previous":{"type":"string","description":"Link to next page.","example":"/api?offset=3&limit=1","nullable":true}},"required":["first","last","next","previous"]},"Meta":{"type":"object","properties":{"filter":{"type":"string","description":"Full text filter","example":"CVE-2016-0800","nullable":true},"limit":{"type":"integer","description":"Maximum number of paginated results.","example":25},"offset":{"type":"integer","description":"First record of paginated response.","example":0},"page":{"type":"integer","description":"Page number of paginated response.","example":1},"page_size":{"type":"integer","description":"Number of records per page of paginated response.","example":25},"pages":{"type":"integer","description":"Total number of pages of paginated response.","example":1},"sort":{"type":"string","description":"Sorting filter.","example":"-inventory_id","nullable":true},"total_items":{"type":"integer","description":"Total number of records.","example":37},"data_format":{"type":"string","description":"Format of the output data, either JSON (default) or CSV.","example":"JSON"}},"required":["filter","limit","offset","page","page_size","pages","sort","total_items","data_format"]},"MetaPermissions":{"type":"object","properties":{"permissions":{"type":"array","description":"Fetched permissions from RBAC for given user","nullable":false,"items":{"type":"string","example":"vulnerability:vulnerability_results:read"}}},"required":["permissions"]},"MetaVulnerabilitiesOut":{"allOf":[{"$ref":"#/components/schemas/Meta"},{"$ref":"#/components/schemas/MetaPermissions"},{"type":"object","properties":{"affecting":{"type":"string","description":"Description of CVE showing preferences","example":"True,False","nullable":true},"business_risk_id":{"type":"string","description":"Filter based on business risk IDs.","example":"1,3","nullable":true},"cvss_from":{"type":"number","description":"Filter based on cvss score, starting from the value. Use -1 to include also CVEs with N/A cvss score.","example":4.6,"nullable":true},"cvss_to":{"type":"number","description":"Filter based on cvss score, up to the value.","example":7.2,"nullable":true},"public_from":{"type":"string","description":"Filter CVEs based on their published date, starting from the date.","example":"2017-09-18T00:00:00+00:00","nullable":true},"public_to":{"type":"string","description":"Filter CVEs based on their published date, up to the date.","example":"2017-09-18T00:00:00+00:00","nullable":true},"impact":{"type":"string","description":"Filter based on impact IDs.","example":"5,7","nullable":true},"system_count_per_type":{"type":"object","description":"Number of systems managed by vulnerability application, grouped by host type.","properties":{"rpmdnf":{"type":"number","description":"Number of conventional systems.","example":26},"image":{"type":"number","description":"Number of image-mode systems.","example":3,"nullable":true},"edge":{"type":"number","description":"Number of image-mode systems. (Deprecated)","example":3,"nullable":true}}},"system_count":{"type":"integer","description":"Total number of systems managed by vulnerability application.","example":25641},"rhel_version":{"type":"string","description":"Filter base on system RHEL version.","example":"8.2","nullable":true},"rule_presence":{"type":"string","description":"Filter based on presence of security rule","example":"true,false","nullable":true},"cves_without_errata":{"type":"boolean","description":"CVEs without Errata feature flag","nullable":true},"advisory_available":{"type":"string","description":"Shows whether a CVE has available advisory or not","example":"true,false","nullable":true},"cache_used":{"type":"boolean","description":"Flag if cached data was used to produce the response.","example":false}},"required":["affecting","business_risk_id","cvss_from","cvss_to","public_from","public_to","impact","rhel_version","rule_presence","cves_without_errata","advisory_available","cache_used"]}]},"MetaAffectedSystems":{"allOf":[{"$ref":"#/components/schemas/Meta"},{"$ref":"#/components/schemas/MetaPermissions"},{"type":"object","properties":{"status_id":{"type":"string","description":"Filer based on CVE status ID.","example":"1,4","nullable":true},"rule_key":{"type":"string","description":"Filters security rules by its error key.","example":"CVE_2018_3639_cpu_kernel|CVE_2018_3639_CPU_BAD_MICROCODE_2,CVE_2018_12207_cpu_kernel|CVE_2018_12207_CPU_KERNEL_FOR_SURE","nullable":true},"rule_presence":{"type":"string","description":"Filter based on presence of security rule","example":"true,false","nullable":true},"patch_access":{"type":"boolean","description":"If show_advisories=true shows access to patch service else null","example":true,"nullable":true},"rhel_version":{"type":"string","description":"Filter base on system RHEL version.","example":"8.2","nullable":true},"first_reported_from":{"type":"string","description":"Filter system-cve pairs based on first time of detection of CVE.","example":"2017-09-18T00:00:00+00:00","nullable":true},"first_reported_to":{"type":"string","description":"Filter system-cve pairs based on first time of detection of CVE.","example":"2017-09-18T00:00:00+00:00","nullable":true},"cves_without_errata":{"type":"boolean","description":"CVEs without Errata feature flag","nullable":true},"group_names":{"type":"string","description":"Name of the inventory group.","example":"Production,Stage","nullable":true},"group_ids":{"type":"string","description":"ID of the inventory group.","example":"00000000-1111-0000-0000-000000000000,00000000-2222-0000-0000-000000000000","nullable":true}},"required":["status_id","rule_key","rule_presence","patch_access","rhel_version","first_reported_from","first_reported_to","cves_without_errata","group_names","group_ids"]}]},"MetaSystems":{"allOf":[{"$ref":"#/components/schemas/Meta"},{"$ref":"#/components/schemas/MetaPermissions"},{"type":"object","properties":{"excluded":{"type":"string","description":"Display setting of opted out systems.","example":"true,false","nullable":true},"rhel_version":{"type":"string","description":"Filter base on system RHEL version.","example":"8.2","nullable":true}},"required":["excluded","rhel_version"]}]},"MetaCves":{"allOf":[{"$ref":"#/components/schemas/Meta"},{"$ref":"#/components/schemas/MetaPermissions"},{"type":"object","properties":{"business_risk_id":{"type":"string","description":"Filter based on business risk IDs.","example":"1,3","nullable":true},"cvss_from":{"type":"number","description":"Filter based on cvss score, starting from the value. Use -1 to include also CVEs with N/A cvss score.","example":4.6,"nullable":true},"cvss_to":{"type":"number","description":"Filter based on cvss score, up to the value.","example":7.2,"nullable":true},"public_from":{"type":"string","description":"Filter CVEs based on their published date, starting from the date.","example":"2017-09-18T00:00:00+00:00","nullable":true},"public_to":{"type":"string","description":"Filter CVEs based on their published date, up to the date.","example":"2017-09-18T00:00:00+00:00","nullable":true},"impact":{"type":"string","description":"Filter based on impact IDs.","example":"5,7","nullable":true},"status_id":{"type":"string","description":"Filer based on CVE status ID.","example":"1,4","nullable":true},"rule_presence":{"type":"string","description":"Filter based on presence of security rule","example":"true,false","nullable":true},"patch_access":{"type":"boolean","description":"If show_advisories=true shows access to patch service else null","example":true,"nullable":true},"first_reported_from":{"type":"string","description":"Filter system-cve pairs based on first time of detection of CVE.","example":"2017-09-18T00:00:00+00:00","nullable":true},"first_reported_to":{"type":"string","description":"Filter system-cve pairs based on first time of detection of CVE.","example":"2017-09-18T00:00:00+00:00","nullable":true},"cves_without_errata":{"type":"boolean","description":"CVEs without Errata feature flag","nullable":true}},"required":["business_risk_id","cvss_from","cvss_to","public_from","public_to","impact","status_id","rule_presence","patch_access","first_reported_from","first_reported_to","cves_without_errata"]}]},"MetaCvesSystems":{"allOf":[{"$ref":"#/components/schemas/MetaCves"},{"type":"object","properties":{"opt_out":{"type":"boolean","description":"If given system was opted out.","example":true}},"required":["opt_out"]}]},"AffectedSystemsOut":{"type":"object","properties":{"data":{"oneOf":[{"type":"string","description":"CSV export of the JSON."},{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"Host id.","example":"INV-ID-0000-1234"},"type":{"type":"string","description":"Type of the record.","example":"system"},"attributes":{"type":"object","properties":{"cve_status_id":{"type":"integer","description":"Internal ID of the CVE status.","example":4},"culled_timestamp":{"type":"string","description":"Timestamp from which the host is considered deleted.","example":"2018-09-22T16:00:00+00:00","nullable":true},"display_name":{"type":"string","description":"System's name.","example":"system.example.com","nullable":true},"first_reported":{"type":"string","description":"Date of when the CVE was first reported on the system.","example":"2018-09-22T16:00:00+00:00"},"inventory_id":{"type":"string","description":"Host ID.","example":"INV-ID00-0000-1234"},"insights_id":{"type":"string","description":"Insights host ID.","example":"0035f6bc-cdb0-4763-8fcd-1dc58f716359","nullable":true},"last_evaluation":{"type":"string","description":"Date of last evaluation.","example":"2018-09-22T16:00:00+00:00","nullable":true},"os":{"type":"string","description":"Operating system.","example":"RHEL 8.4"},"reporter":{"type":"number","description":"Reporter of the vulnerability, 1 for VMaaS, 2 for security rule, 3 for both VMaaS and rule.","enum":[0,1,2,3]},"rhsm_lock":{"type":"string","description":"System is locked to following RHSM version.","example":"8.4","nullable":true},"rule":{"type":"object","description":"Details of associated security rule.","properties":{"details":{"type":"object","description":"Additional information specific to the system rule hit."},"resolution":{"type":"object","description":"Details of recommended resolution.","properties":{"resolution":{"type":"string","example":"Red Hat recommends that you update the dnsmasq package","description":"Recommended resolution of the issue.","nullable":true}},"required":["resolution"]},"rule":{"type":"object","properties":{"description":{"type":"string","example":"CVE-2017-14491 dnsmasq code execution with listening processes","description":"Description of the associated security rule.","nullable":true},"more_info":{"type":"string","example":"For more information about this specific flaw, see its ...","description":"Additional information about the issue.","nullable":true},"node_id":{"type":"integer","description":"ID of associated Red Hat knowledgebase article.","example":3199382,"nullable":true},"reason":{"type":"string","example":"This system is vulnerable because it is running a vulnerable package.","description":"Reason of why rule did hit.","nullable":true},"rule_id":{"type":"string","example":"CVE_2017_14491_dnsmasq|CVE_2017_14491_ERROR","description":"ID of associated security rule."}},"required":["description","more_info","node_id","reason","rule_id"]}},"nullable":true,"required":["details","resolution","rule"]},"rules_evaluation":{"type":"string","description":"Date of last security rules evaluation.","example":"2018-09-22T16:00:00+00:00","nullable":true},"stale_timestamp":{"type":"string","description":"Date when stale system becomes stale.","example":"2018-09-22T16:00:00+00:00","nullable":true},"stale_warning_timestamp":{"type":"string","description":"Date when stale system becomes hidden in the application.","example":"2018-09-22T16:00:00+00:00","nullable":true},"status_id":{"type":"integer","description":"Internal ID of the vulnerability status.","example":4},"status_name":{"type":"string","description":"Status of the vulnerability for the application's point of view.","example":"Resolved"},"status_text":{"type":"string","description":"Complementary text to the status.","example":"Not relevant","nullable":true},"tags":{"type":"array","items":{"type":"object","properties":{"namespace":{"type":"string","description":"Namespace of single tag.","example":"vulnerability","nullable":true},"key":{"type":"string","description":"Key of the single tag.","example":"CVE"},"value":{"type":"string","description":"Value of the single tag.","example":"CVE-2017-1","nullable":true}},"required":["namespace","key","value"]}},"advisories_list":{"type":"array","description":"List of advisories for system","items":{"type":"string","description":"Advisory id","example":"RHSA-2019:1481"}},"updated":{"type":"string","description":"Date of the lastest upload of archive taken from Inventory syndicated data.","example":"2018-09-22T16:00:00+00:00","nullable":true},"last_upload":{"type":"string","description":"Date of the latest upload of archive.","example":"2018-09-22T16:00:00+00:00"},"advisory_available":{"type":"boolean","description":"Shows whether a CVE has available advisory or not","example":true},"remediation":{"type":"number","description":"Type of available remediation, 0 for none, 1 for manual, 2 for playbook.","enum":[0,1,2]},"mitigation_reason":{"type":"string","description":"Reason why the system is not vulnerable.","example":"SELinux mitigates the issue","nullable":true},"inventory_group":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"ID of inventory group.","example":"00000000-1111-0000-0000-000000000000"},"name":{"type":"string","description":"Name of inventory group.","example":"group01"}},"required":["id","name"]}},"host_type":{"type":"string","description":"Type of the host","enum":["rpmdnf","image"]}},"required":["cve_status_id","culled_timestamp","display_name","first_reported","inventory_id","insights_id","last_evaluation","os","reporter","rhsm_lock","rule","rules_evaluation","stale_timestamp","stale_warning_timestamp","status_id","status_name","status_text","tags","updated","advisory_available","remediation","mitigation_reason","inventory_group","host_type"]}},"required":["id","type","attributes"]}}]},"links":{"$ref":"#/components/schemas/Links"},"meta":{"$ref":"#/components/schemas/MetaAffectedSystems"}},"required":["data","links","meta"]},"AffectedSystemsIdsOut":{"type":"object","properties":{"data":{"oneOf":[{"type":"string","description":"CSV export of the JSON."},{"type":"array","items":{"type":"object","description":"Smallest dataset for frontend to work.","properties":{"inventory_id":{"type":"string","description":"Host ID.","example":"INV-ID00-0000-1234"},"rule_id":{"type":"string","example":"CVE_2017_14491_dnsmasq|CVE_2017_14491_ERROR","description":"ID of associated security rule.","nullable":true},"status_id":{"type":"integer","description":"Internal ID of the vulnerability status.","example":4},"status_text":{"type":"string","description":"Complementary text to the status.","example":"Not relevant","nullable":true},"display_name":{"type":"string","description":"System's name.","example":"system.example.com"},"mitigation_reason":{"type":"string","description":"Reason why the system is not vulnerable.","example":"SELinux mitigates the issue","nullable":true},"remediation":{"type":"number","description":"Type of available remediation, 0 for none, 1 for manual, 2 for playbook.","enum":[0,1,2]}},"required":["inventory_id","rule_id","status_id","status_text","display_name","remediation"]}}]},"links":{"$ref":"#/components/schemas/Links"},"meta":{"$ref":"#/components/schemas/MetaAffectedSystems"}},"required":["data","links","meta"]},"BusinessRiskListOut":{"type":"object","properties":{"data":{"type":"array","description":"List of available business risk/business_risk_id pairs.","items":{"type":"object","properties":{"id":{"type":"integer","description":"Internal business_risk_id.","example":3},"name":{"type":"string","description":"Represenation of internal business_risk_id.","example":"Low"}},"required":["id","name"]}},"meta":{"type":"object","properties":{"total_items":{"type":"integer","description":"Total number of available business risk/business_risk_id pairs.","example":1}},"required":["total_items"]}},"required":["data","meta"]},"CveDetailOut":{"type":"object","properties":{"data":{"type":"object","properties":{"id":{"type":"string","description":"CVE id.","example":"CVE-2016-0800"},"type":{"type":"string","description":"Type of the record.","example":"cve"},"attributes":{"type":"object","properties":{"business_risk":{"type":"string","description":"Business risk of the vulnerability.","example":"Low"},"business_risk_id":{"type":"integer","description":"Internal ID of the vulnerability business risk.","example":1},"business_risk_text":{"type":"string","description":"Complementary text to the business risk.","example":"QA environment => Low business risk","nullable":true},"celebrity_name":{"type":"string","description":"\"Celebrity\" name of the CVE.","example":"Spectre/Meltdown","nullable":true},"cvss2_metrics":{"type":"string","description":"cvss2 metrics of the CVE.","example":"AV:N/AC:M/Au:N/C:P/I:P/A:N","nullable":true},"cvss2_score":{"type":"string","description":"String representation of cvss2 score of the CVE.","example":"5.800","nullable":true},"cvss3_metrics":{"type":"string","description":"cvss3 metrics of the CVE.","example":"AV:N/AC:M/Au:N/C:P/I:P/A:N","nullable":true},"cvss3_score":{"type":"string","description":"String representation of cvss3 score of the CVE.","example":"4.400","nullable":true},"description":{"type":"string","description":"Description of the CVE.","example":"A padding oracle flaw was found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker could..."},"modified_date":{"type":"string","description":"String representation of ISO-8601 formatted date of last modification of the CVE.","example":"2019-03-07T08:15:36+00:00","nullable":true},"impact":{"type":"string","description":"Red Hat security impact of the CVE.","example":"Important"},"public_date":{"type":"string","description":"String representation of ISO-8601 formatted date of first public disclosure of the CVE.","example":"2016-03-01T00:00:00+00:00","nullable":true},"redhat_url":{"type":"string","description":"Additional resource about the CVE, provided by Red Hat.","example":"https://access.redhat.com/security/cve/cve-2016-0800","nullable":true},"rules":{"type":"array","items":{"$ref":"#/components/schemas/InsightsRule"}},"secondary_url":{"type":"string","description":"Additional resources about the CVE.","example":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0800","nullable":true},"status":{"type":"string","description":"Status of the vulnerability.","example":"Not Reviewed"},"status_id":{"type":"integer","description":"Internal ID of the vulnerability status.","example":1},"status_text":{"type":"string","description":"Complementary text to the status.","example":"Not relevant","nullable":true},"synopsis":{"type":"string","description":"Synopsis of the CVE.","example":"CVE-2016-0800"},"systems_status_detail":{"type":"object","description":"Counts of systems with given status type."},"systems_status_divergent":{"type":"integer","description":"How many systems-CVE pairs have different status than CVE-level.","example":20},"advisories_list":{"type":"array","description":"List of advisory names or detailed advisory information","nullable":true,"items":{"type":"string","example":"RHSA-2015:0809"}},"known_exploit":{"type":"boolean","description":"Shows whether a CVE has known exploits or not","example":true},"affected_but_not_vulnerable":{"type":"integer","nullable":true,"description":"Number of systems that are affected by given CVE but are not vulnerable.","example":0},"affected_systems":{"type":"integer","nullable":true,"description":"Number of systems that are overall affected by given CVE","example":52}},"required":["business_risk","business_risk_id","business_risk_text","celebrity_name","cvss2_metrics","cvss2_score","cvss3_metrics","cvss3_score","description","impact","modified_date","public_date","redhat_url","rules","secondary_url","status","status_id","status_text","synopsis","systems_status_detail","systems_status_divergent","advisories_list","known_exploit","affected_but_not_vulnerable"]}},"required":["id","type","attributes"]},"meta":{"$ref":"#/components/schemas/MetaPermissions"}}},"CveRiskIn":{"type":"object","properties":{"cve":{"$ref":"#/components/schemas/CveOrList"},"business_risk_id":{"type":"integer","description":"Business risk ID to be set, obtained by GET method.","example":3},"business_risk_text":{"type":"string","description":"Complementary text to the business risk.","example":"Not relevant","nullable":true}},"required":["cve"]},"CveStatusIn":{"type":"object","properties":{"cve":{"$ref":"#/components/schemas/CveOrList"},"status_id":{"type":"integer","description":"Status ID to be set, obtained by GET method.","example":3},"status_text":{"type":"string","description":"Complementary text to the status.","example":"Not relevant","nullable":true}},"required":["cve"]},"CveOrList":{"oneOf":[{"type":"string","description":"CVE name.","example":"CVE-2016-0800"},{"type":"array","items":{"type":"string","example":"CVE-2016-0800"},"description":"List of CVEs for a bulk change."}],"example":"CVE-2016-0800"},"InventoryIdOrList":{"oneOf":[{"type":"string","description":"Inventory ID.","example":"f35b1e1d-d231-43f2-8e4f-8f9cb01e3aa2"},{"type":"array","items":{"type":"string","example":"f35b1e1d-d231-43f2-8e4f-8f9cb01e3aa2"},"description":"List of inventory IDs for a bulk change."}],"example":"f35b1e1d-d231-43f2-8e4f-8f9cb01e3aa2"},"OptOutIn":{"type":"object","properties":{"inventory_id":{"$ref":"#/components/schemas/InventoryIdOrList"},"opt_out":{"type":"boolean","description":"Opt out setting to be set.","example":true}},"required":["inventory_id","opt_out"]},"BulkChangeOut":{"type":"object","properties":{"updated":{"type":"array","items":{"type":"string","example":"f35b1e1d-d231-43f2-8e4f-8f9cb01e3aa2"},"description":"List of updated objects/updated object IDs."},"meta":{"$ref":"#/components/schemas/MetaPermissions"}},"required":["updated"]},"StatusIn":{"type":"object","properties":{"inventory_id":{"$ref":"#/components/schemas/InventoryIdOrList"},"cve":{"$ref":"#/components/schemas/CveOrList"},"status_id":{"type":"integer","description":"Status ID to be set, obtained by GET method. If not specified, global CVE status is set.","example":3},"status_text":{"type":"string","description":"Complementary text to the status.","example":"Not relevant","nullable":true}},"required":["cve"]},"CvesWithoutErrataIn":{"type":"object","properties":{"enable":{"type":"boolean","description":"Enable or disable CVEs without Errata feature.","example":true}},"required":["enable"]},"ExecutiveReport":{"type":"object","properties":{"system_count_per_type":{"type":"object","description":"Number of systems managed by vulnerability application, grouped by host type.","properties":{"rpmdnf":{"type":"number","description":"Number of conventional systems.","example":26},"image":{"type":"number","description":"Number of image-mode systems.","example":3,"nullable":true},"edge":{"type":"number","description":"Number of image-mode systems. (Deprecated)","example":3,"nullable":true}}},"system_count":{"type":"integer","description":"Total number of systems managed by vulnerability application.","example":25641},"cves_total":{"type":"integer","description":"Number of unique CVEs discovered on the managed systems.","example":1902},"cves_by_severity":{"type":"object","description":"Number of CVEs discovered on the managed systems, divided into buckets based on their CVSSv3 score (CVSSv2 is used when CVSSv3 is not available).","properties":{"0to3.9":{"type":"object","properties":{"count":{"type":"integer","description":"Number of CVEs with CVSS score lower than 4.","example":1902},"percentage":{"type":"number","description":"Percentage of CVEs with CVSS score lower than 4.","example":60}},"required":["count","percentage"]},"4to7.9":{"type":"object","properties":{"count":{"type":"integer","description":"Number of CVEs with CVSS score higher or equal to 4 and lower then 8.","example":400},"percentage":{"type":"number","description":"Percentage of CVEs with CVSS score higher or equal to 4 and lower then 8.","example":15}},"required":["count","percentage"]},"8to10":{"type":"object","properties":{"count":{"type":"integer","description":"Number of CVEs with CVSS score higher or equal to 8.","example":109},"percentage":{"type":"number","description":"Percentage of CVEs with CVSS score higher or equal to 8.","example":2}},"required":["count","percentage"]}},"required":["0to3.9","4to7.9","8to10"]},"recent_cves":{"type":"object","description":"Number of recently published CVEs identified on managed systems","properties":{"last7days":{"type":"integer","description":"Number of CVEs identified on managed systems published in last 7 days.","example":14},"last30days":{"type":"integer","description":"Number of CVEs identified on managed systems published in last 30 days.","example":62},"last90days":{"type":"integer","description":"Number of CVEs identified on managed systems published in last 90 days.","example":156}},"required":["last7days","last30days","last90days"]},"rules_by_severity":{"type":"object","description":"Information about how much systems are affected by a security rule, broken down by rule severity.","properties":{"1":{"type":"object","properties":{"rule_count":{"type":"integer","description":"How many unique rules with at least system affected are present.","example":12},"systems_affected":{"type":"integer","description":"How many unique systems are affected by at least one rules with given severity","example":443}},"required":["rule_count","systems_affected"]},"2":{"type":"object","properties":{"rule_count":{"type":"integer","description":"How many unique rules with at least system affected are present.","example":12},"systems_affected":{"type":"integer","description":"How many unique systems are affected by at least one rules with given severity","example":443}},"required":["rule_count","systems_affected"]},"3":{"type":"object","properties":{"rule_count":{"type":"integer","description":"How many unique rules with at least system affected are present.","example":12},"systems_affected":{"type":"integer","description":"How many unique systems are affected by at least one rules with given severity","example":443}},"required":["rule_count","systems_affected"]},"4":{"type":"object","properties":{"rule_count":{"type":"integer","description":"How many unique rules with at least system affected are present.","example":12},"systems_affected":{"type":"integer","description":"How many unique systems are affected by at least one rules with given severity","example":443}},"required":["rule_count","systems_affected"]}},"required":["1","2","3","4"]},"rules_total":{"type":"integer","description":"Number of unique CVEs discovered on the managed systems.","example":1902},"top_cves":{"type":"array","items":{"type":"object","properties":{"synopsis":{"type":"string","description":"CVE synopsis","example":"CVE-2016-0800"},"cvss2_score":{"type":"string","description":"String representation of cvss2 score of the CVE.","example":"5.800","nullable":true},"cvss3_score":{"type":"string","description":"String representation of cvss3 score of the CVE.","example":"4.400","nullable":true},"description":{"type":"string","description":"Description of the CVE.","example":"A padding oracle flaw was found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker could..."},"security_rule":{"type":"boolean","description":"Indicator of security rule presence","example":true,"deprecated":true},"rule_presence":{"type":"boolean","description":"Indicator of security rule presence","example":true},"systems_affected":{"type":"integer","description":"Systems affected by the CVE.","example":1795},"known_exploit":{"type":"boolean","description":"Shows whether a CVE has known exploits or not","example":true}},"required":["synopsis","cvss2_score","cvss3_score","description","systems_affected","known_exploit"]}},"top_rules":{"type":"array","items":{"type":"object","properties":{"associated_cves":{"type":"array","description":"All CVEs associated with the rule","items":{"type":"string","example":"CVE-2019-1125"}},"description":{"type":"string","example":"Privilege Escalation with running service (no fix available for this version)","description":"Brief description of the issue."},"rule_id":{"type":"string","example":"CVE_2017_14491_dnsmasq|CVE_2017_14491_ERROR","description":"ID of associated security rule."},"name":{"type":"string","description":"Name of the security rule.","example":"httpd denial of service with running services"},"severity":{"type":"integer","description":"Severity of the security rule.","example":3},"systems_affected":{"type":"integer","description":"Number of systems affected by the rule.","example":443}},"required":["associated_cves","description","name","rule_id","severity","systems_affected"]}},"meta":{"$ref":"#/components/schemas/MetaPermissions"}},"required":["system_count","cves_total","cves_by_severity","rules_by_severity","rules_total","recent_cves"]},"OSExposureReport":{"type":"object","properties":{"data":{"oneOf":[{"type":"string","description":"CSV export of the JSON."},{"type":"array","items":{"type":"object","properties":{"name":{"type":"string","description":"Name of the operating system.","example":"RHEL"},"major":{"type":"integer","description":"Operating system major version.","example":9},"minor":{"type":"integer","description":"Operating system minor version.","example":5},"lifecycle_phase":{"type":"string","description":"Lifecycle phase of the given version.","example":"eus"},"cves_critical":{"type":"integer","description":"Number of CVEs with Critical severity.","example":2},"cves_important":{"type":"integer","description":"Number of CVEs with Important severity.","example":16},"cves_moderate":{"type":"integer","description":"Number of CVEs with Moderate severity.","example":57},"cves_low":{"type":"integer","description":"Number of CVEs with Low severity.","example":12},"cves_unpatched_critical":{"type":"integer","description":"Number of unpatched CVEs with Critical severity.","example":2},"cves_unpatched_important":{"type":"integer","description":"Number of unpatched CVEs with Important severity.","example":16},"cves_unpatched_moderate":{"type":"integer","description":"Number of unpatched CVEs with Moderate severity.","example":57},"cves_unpatched_low":{"type":"integer","description":"Number of unpatched CVEs with Low severity.","example":12}},"required":["name","major","minor","lifecycle_phase","cves_critical","cves_important","cves_moderate","cves_low","cves_unpatched_critical","cves_unpatched_important","cves_unpatched_moderate","cves_unpatched_low"]}}]}},"required":["data"]},"Dashboard":{"type":"object","properties":{"cves_total":{"type":"integer","description":"Number of unique CVEs discovered on the managed systems.","example":1902},"cves_by_severity":{"type":"object","description":"Number of CVEs discovered on the managed systems, divided into buckets based on their CVSSv3 score (CVSSv2 is used when CVSSv3 is not available).","properties":{"0to3.9":{"type":"object","properties":{"count":{"type":"integer","description":"Number of CVEs with CVSS score lower than 4.","example":1902},"percentage":{"type":"number","description":"Percentage of CVEs with CVSS score lower than 4.","example":60},"known_exploits":{"type":"number","description":"Number of CVEs in given bracket with a known exploit.","example":6}},"required":["count","percentage"]},"4to7.9":{"type":"object","properties":{"count":{"type":"integer","description":"Number of CVEs with CVSS score higher or equal to 4 and lower then 8.","example":400},"percentage":{"type":"number","description":"Percentage of CVEs with CVSS score higher or equal to 4 and lower then 8.","example":15},"known_exploits":{"type":"number","description":"Number of CVEs in given bracket with a known exploit.","example":6}},"required":["count","percentage"]},"8to10":{"type":"object","properties":{"count":{"type":"integer","description":"Number of CVEs with CVSS score higher or equal to 8.","example":109},"percentage":{"type":"number","description":"Percentage of CVEs with CVSS score higher or equal to 8.","example":2},"known_exploits":{"type":"number","description":"Number of CVEs in given bracket with a known exploit.","example":6}},"required":["count","percentage"]}},"required":["0to3.9","4to7.9","8to10"]},"recent_cves":{"type":"object","description":"Number of recently published CVEs identified on managed systems","properties":{"last7days":{"type":"integer","description":"Number of CVEs identified on managed systems published in last 7 days.","example":14},"last30days":{"type":"integer","description":"Number of CVEs identified on managed systems published in last 30 days.","example":62},"last90days":{"type":"integer","description":"Number of CVEs identified on managed systems published in last 90 days.","example":156}},"required":["last7days","last30days","last90days"]},"recent_rules":{"type":"array","description":"List of recently (14 days) released security rules.","items":{"type":"object","description":"Security rule.","properties":{"associated_cves":{"type":"array","description":"List of CVEs associated with the security rule.","items":{"type":"string","description":"CVE name.","example":"CVE-2016-0800"}},"description":{"type":"string","example":"A heap-based buffer overflow was found in the way ...","description":"Description of the issue related with the security rule."},"id":{"type":"string","description":"ID of the security rule.","example":"CVE_2019_11135_cpu_taa|CVE_2019_11135_CPU_TAA_KERNEL"},"name":{"type":"string","description":"Name of the security rule.","example":"sudo privilege escalation"},"node_id":{"type":"number","description":"Node id of access.redhat.com/node/* article.","example":5737621,"nullable":true},"public_date":{"type":"string","description":"String representation of ISO-8601 formatted date of release of the security rule.","example":"2016-03-01T00:00:00+00:00","nullable":true},"severity":{"type":"number","description":"Number representation of the security rule severity.","example":3},"systems_affected":{"type":"number","description":"Number of systems triggering the security rule.","example":178}}},"required":["associated_cves","description","name","node_id","severity","systems_affected"]},"rules_cves_total":{"type":"integer","description":"Total number of CVEs with associated security rules affecting given account.","example":12},"system_count":{"type":"integer","description":"Total systems registered to Vulnerability service (with applied filtering).","example":241},"exploited_cves_count":{"type":"integer","description":"unique number of CVEs having known exploit affecting at least one system","example":5}},"required":["cves_total","cves_by_severity","recent_cves","recent_rules","rules_cves_total","system_count","exploited_cves_count"]},"PlaybookTemplate":{"type":"object","properties":{"data":{"type":"array","items":{"type":"object","properties":{"description":{"type":"string","description":"Playbook template description.","example":"Fix issues caused by CVE_2017_6074_kernel|KERNEL_CVE_2017_6074."},"play":{"type":"string","description":"Actual playbook template."},"version":{"type":"string","description":"Revision of the playbook template.","example":"93a1ced8a259666f0505cd20b7cb8e7a1c65b868"},"reboot_required":{"type":"boolean","description":"Indicator whter reboot is required to mitigate vulnerability.","example":false,"nullable":true},"resolution_type":{"type":"string","description":"Type of the resolution provided by playbook."}},"required":["description","play","version","resolution_type"]}}}},"StatusOut":{"type":"object","properties":{"updated":{"type":"array","items":{"type":"object","properties":{"inventory_id":{"type":"string","example":"f35b1e1d-d231-43f2-8e4f-8f9cb01e3aa2"},"cve":{"type":"string","example":"CVE-2016-0800"}},"required":["inventory_id","cve"]},"description":"List of updated objects/updated object IDs."},"meta":{"$ref":"#/components/schemas/MetaPermissions"}},"required":["updated"]},"StatusListOut":{"type":"object","properties":{"data":{"type":"array","description":"List of available status/status_id pairs.","items":{"type":"object","properties":{"id":{"type":"integer","description":"Internal status_id.","example":3},"name":{"type":"string","description":"Represenation of internal status_id.","example":"Scheduled for Patch"}},"required":["id","name"]}},"meta":{"type":"object","properties":{"total_items":{"type":"integer","description":"Total number of available status/status_id pairs.","example":1}},"required":["total_items"]}},"required":["data","meta"]},"SystemCvesOut":{"type":"object","properties":{"data":{"oneOf":[{"type":"string","description":"CSV export of the JSON."},{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"CVE id.","example":"CVE-2016-0800"},"type":{"type":"string","description":"Type of the record.","example":"cve"},"attributes":{"type":"object","properties":{"business_risk":{"type":"string","description":"Business risk of the vulnerability.","example":"Low"},"business_risk_id":{"type":"integer","description":"Internal ID of the vulnerability business risk.","example":1},"business_risk_text":{"type":"string","description":"Complementary text to the business risk.","example":"QA environment => Low business risk","nullable":true},"cve_status_id":{"type":"integer","description":"Internal ID of the CVE status.","example":4},"cvss2_score":{"type":"string","description":"String representation of cvss2 score of the CVE.","example":"5.800","nullable":true},"cvss3_score":{"type":"string","description":"String representation of cvss3 score of the CVE.","example":"4.400","nullable":true},"description":{"type":"string","description":"Description of the CVE.","example":"A padding oracle flaw was found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker could..."},"first_reported":{"type":"string","description":"Date of when the CVE was first reported on the system.","example":"2018-09-22T16:00:00+00:00"},"impact":{"type":"string","description":"Red Hat security impact of the CVE.","example":"Important"},"public_date":{"type":"string","description":"String representation of ISO-8601 formatted date of first public disclosure of the CVE.","example":"2016-03-01T00:00:00+00:00","nullable":true},"reporter":{"type":"number","description":"Reporter of the vulnerability, 1 for VMaaS, 2 for security rule, 3 for both VMaaS and rule.","enum":[0,1,2,3]},"rule":{"type":"object","nullable":true,"properties":{"rule_id":{"type":"string","example":"CVE_2017_14491_dnsmasq|CVE_2017_14491_ERROR","description":"ID(s) of associated security rule(s)."},"description":{"type":"string","description":"Description of the rule.","example":"CVE-2017-14491 dnsmasq code execution with listening processes","nullable":true},"summary":{"type":"string","description":"Summary of the rule.","example":"A buffer overflow vulnerability was found in `Dnsmasq`, a popular lightweight DNS and DHCP server....","nullable":true},"reboot_required":{"type":"boolean","description":"Indicator whter reboot is required to mitigate vulnerability.","example":false,"nullable":true},"playbook_count":{"type":"integer","description":"Number of available Ansible playbooks for remediation/mitigation.","example":1,"nullable":true},"change_risk":{"type":"integer","description":"Indicates how likely remediation can change environment on the remediatied system.","example":1,"nullable":true},"kbase_node_id":{"type":"integer","description":"ID of associated Red Hat knowledgebase article.","example":3199382,"nullable":true},"generate_autoplaybook":{"type":"boolean","description":"Indicates whether a playbook should be auto-generated.","example":true,"nullable":true}},"required":["change_risk","description","kbase_node_id","playbook_count","reboot_required","rule_id","summary","generate_autoplaybook"]},"status":{"type":"string","description":"Status of the vulnerability for the application's point of view.","example":"Resolved"},"status_id":{"type":"integer","description":"Internal ID of the vulnerability status.","example":4},"status_text":{"type":"string","description":"Complementary text to the status.","example":"Not relevant","nullable":true},"cve_status_text":{"type":"string","description":"Status text to the whole cve.","example":"Not relevant for all","nullable":true},"synopsis":{"type":"string","description":"Synopsis of the CVE.","example":"CVE-2016-0800"},"advisories_list":{"type":"array","description":"List of advisories for CVE","items":{"type":"string","description":"Advisory id","example":"RHSA-2019:1481"}},"known_exploit":{"type":"boolean","description":"Shows whether a CVE has known exploits or not","example":true},"advisory_available":{"type":"boolean","description":"Shows whether a CVE has available advisory or not","example":true},"remediation":{"type":"number","description":"Type of available remediation, 0 for none, 1 for manual, 2 for playbook.","enum":[0,1,2]}},"required":["business_risk","business_risk_id","business_risk_text","cve_status_id","cve_status_text","cvss2_score","cvss3_score","description","first_reported","impact","public_date","reporter","rule","status","status_id","status_text","synopsis","known_exploit","advisory_available","remediation"]}},"required":["id","type","attributes"]}}]},"links":{"$ref":"#/components/schemas/Links"},"meta":{"$ref":"#/components/schemas/MetaCves"}},"required":["data","links","meta"]},"SystemCvesIdsOut":{"type":"object","properties":{"data":{"oneOf":[{"type":"string","description":"CSV export of the JSON."},{"type":"array","items":{"type":"object","description":"CVE id and minimal information for frontend","properties":{"id":{"type":"string","description":"CVE id.","example":"CVE-2016-0800"},"rule_id":{"type":"string","example":"CVE_2017_14491_dnsmasq|CVE_2017_14491_ERROR","description":"ID(s) of associated security rule(s)..","nullable":true},"status_id":{"type":"integer","description":"Internal ID of the vulnerability status.","example":4},"status_text":{"type":"string","description":"Complementary text to the status.","example":"Not relevant","nullable":true},"cve_status_id":{"type":"integer","description":"Internal ID of the CVE status.","example":4},"cve_status_text":{"type":"string","description":"Status text to the whole cve.","example":"Not relevant for all","nullable":true},"remediation":{"type":"number","description":"Type of available remediation, 0 for none, 1 for manual, 2 for playbook.","enum":[0,1,2]}},"required":["id","rule_id","status_id","status_text","cve_status_id","cve_status_text","remediation"]}}]},"links":{"$ref":"#/components/schemas/Links"},"meta":{"$ref":"#/components/schemas/MetaCves"}},"required":["data","links","meta"]},"SystemDetailsOut":{"type":"object","properties":{"data":{"type":"object","properties":{"last_evaluation":{"type":"string","description":"Date of last evaluation.","example":"2018-09-22T16:00:00+00:00","nullable":true},"rules_evaluation":{"type":"string","description":"Date of last security rules evaluation.","example":"2018-09-22T16:00:00+00:00","nullable":true},"opt_out":{"type":"boolean","description":"System opt out status.","example":true},"last_upload":{"type":"string","description":"Date of the latest upload of archive.","example":"2018-09-22T16:00:00+00:00","nullable":true},"stale":{"type":"boolean","description":"System stale status.","example":true},"updated":{"type":"string","description":"Date of the lastest upload of archive taken from Inventory syndicated data.","example":"2018-09-22T16:00:00+00:00","nullable":true},"os":{"type":"string","description":"Operating system.","example":"RHEL 8.4"},"rhsm_lock":{"type":"string","description":"System is locked to following RHSM version.","example":"8.4","nullable":true},"tags":{"type":"array","items":{"type":"object","properties":{"namespace":{"type":"string","description":"Namespace of single tag.","example":"vulnerability","nullable":true},"key":{"type":"string","description":"Key of the single tag.","example":"CVE"},"value":{"type":"string","description":"Value of the single tag.","example":"CVE-2017-1","nullable":true}},"required":["namespace","key","value"]}},"host_type":{"type":"string","description":"Type of the host","enum":["rpmdnf","image"]}},"required":["last_evaluation","rules_evaluation","opt_out","last_upload","tags","os","rhsm_lock","host_type"]},"meta":{"$ref":"#/components/schemas/MetaPermissions"}},"required":["data","meta"]},"SystemListOut":{"type":"object","properties":{"data":{"oneOf":[{"type":"string","description":"CSV export of the JSON."},{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"Host ID.","example":"INV-ID00-0000-1234"},"type":{"type":"string","description":"Type of the record.","example":"system"},"attributes":{"type":"object","properties":{"cve_count":{"type":"integer","description":"Number of CVE exposures for the system.","example":7,"nullable":true},"display_name":{"type":"string","description":"System's name,","example":"system.example.com","nullable":true},"inventory_id":{"type":"string","description":"Host ID.","example":"INV-ID00-0000-1234"},"insights_id":{"type":"string","description":"Insights host ID.","example":"0035f6bc-cdb0-4763-8fcd-1dc58f716359","nullable":true},"last_evaluation":{"type":"string","description":"Date of last evaluation.","example":"2018-09-22T16:00:00+00:00","nullable":true},"rules_evaluation":{"type":"string","description":"Date of last security rules evaluation.","example":"2018-09-22T16:00:00+00:00","nullable":true},"opt_out":{"type":"boolean","description":"Opt out status of the system.","example":false},"last_upload":{"type":"string","description":"Date of the latest upload of archive.","example":"2018-09-22T16:00:00+00:00","nullable":true},"os":{"type":"string","description":"Operating system.","example":"RHEL 8.4"},"rhsm_lock":{"type":"string","description":"System is locked to following RHSM version.","example":"8.4","nullable":true},"stale_timestamp":{"type":"string","description":"Date when stale system becomes stale.","example":"2018-09-22T16:00:00+00:00","nullable":true},"stale_warning_timestamp":{"type":"string","description":"Date when stale system becomes hidden in the application.","example":"2018-09-22T16:00:00+00:00","nullable":true},"updated":{"type":"string","description":"Date of the lastest upload of archive taken from Inventory syndicated data.","example":"2018-09-22T16:00:00+00:00","nullable":true},"tags":{"type":"array","items":{"type":"object","properties":{"namespace":{"type":"string","description":"Namespace of single tag.","example":"vulnerability","nullable":true},"key":{"type":"string","description":"Key of the single tag.","example":"CVE"},"value":{"type":"string","description":"Value of the single tag.","example":"CVE-2017-1","nullable":true}},"required":["namespace","key","value"]},"description":"Tags given to the system.","nullable":true},"culled_timestamp":{"type":"string","description":"Timestamp from which the host is considered deleted.","example":"2018-09-22T16:00:00+00:00","nullable":true},"inventory_group":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"ID of inventory group.","example":"00000000-1111-0000-0000-000000000000"},"name":{"type":"string","description":"Name of inventory group.","example":"group01"}},"required":["id","name"]}},"host_type":{"type":"string","description":"Type of the host","enum":["rpmdnf","image"]}},"required":["cve_count","display_name","inventory_id","insights_id","last_evaluation","rules_evaluation","opt_out","last_upload","os","rhsm_lock","stale_timestamp","stale_warning_timestamp","tags","culled_timestamp","inventory_group","host_type"]}},"required":["id","type","attributes"]}}]},"links":{"$ref":"#/components/schemas/Links"},"meta":{"$ref":"#/components/schemas/MetaSystems"}},"required":["data","links","meta"]},"SystemIdsOut":{"type":"object","properties":{"data":{"oneOf":[{"type":"string","description":"CSV export of the JSON."},{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"Inventory ID.","example":"INV-ID00-0000-1234"},"opt_out":{"type":"boolean","description":"Whether the system is active or not.","example":false,"nullable":true},"display_name":{"type":"string","description":"System's name.","example":"system.example.com","nullable":true}}}}]},"links":{"$ref":"#/components/schemas/Links"},"meta":{"$ref":"#/components/schemas/MetaSystems"}},"required":["data","links","meta"]},"VulnerabilitiesOut":{"type":"object","properties":{"data":{"oneOf":[{"type":"string","description":"CSV export of the JSON."},{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"CVE id.","example":"CVE-2016-0800"},"type":{"type":"string","description":"Type of the record.","example":"cve"},"attributes":{"type":"object","properties":{"business_risk":{"type":"string","description":"Business risk of the vulnerability.","example":"Low"},"business_risk_id":{"type":"integer","description":"Internal ID of the vulnerability business risk.","example":1},"business_risk_text":{"type":"string","description":"Complementary text to the business risk.","example":"QA environment => Low business risk","nullable":true},"cvss2_score":{"type":"string","description":"String representation of cvss2 score of the CVE.","example":"5.800","nullable":true},"cvss3_score":{"type":"string","description":"String representation of cvss3 score of the CVE.","example":"4.400","nullable":true},"description":{"type":"string","description":"Description of the CVE.","example":"A padding oracle flaw was found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker could..."},"impact":{"type":"string","description":"Red Hat security impact of the CVE.","example":"Important"},"public_date":{"type":"string","description":"String representation of ISO-8601 formatted date of first public disclosure of the CVE.","example":"2016-03-01T00:00:00+00:00","nullable":true},"rules":{"type":"array","items":{"$ref":"#/components/schemas/InsightsRule"}},"status":{"type":"string","description":"Status of the vulnerability.","example":"Not Reviewed"},"status_id":{"type":"integer","description":"Internal ID of the vulnerability status.","example":1},"status_text":{"type":"string","description":"Complementary text to the status.","example":"Not Relevant","nullable":true},"synopsis":{"type":"string","description":"Synopsis of the CVE.","example":"CVE-2016-0800"},"systems_affected":{"type":"integer","description":"Number of systems affected by the CVE.","example":7},"systems_status_divergent":{"type":"integer","description":"How many systems-CVE pairs have different status than CVE-level.","example":20},"known_exploit":{"type":"boolean","description":"Shows whether a CVE has known exploits or not","example":true},"advisory_available":{"type":"boolean","description":"Shows whether a CVE has available advisory or not","example":true},"rhel_versions":{"type":"array","items":{"type":"string","description":"Applicable RHEL version across your entire system inventory.","example":"9.4"}}},"required":["business_risk","business_risk_id","business_risk_text","cvss2_score","cvss3_score","description","impact","public_date","rules","status","status_id","status_text","synopsis","systems_affected","systems_status_divergent","known_exploit","advisory_available","rhel_versions"]}},"required":["id","type","attributes"]}}]},"links":{"$ref":"#/components/schemas/Links"},"meta":{"$ref":"#/components/schemas/MetaVulnerabilitiesOut"}},"required":["data","links","meta"]},"VulnerabilitiesIdsOut":{"type":"object","properties":{"data":{"oneOf":[{"type":"string","description":"CSV export of the JSON."},{"type":"array","items":{"type":"object","description":"CVE id and minimal information.","properties":{"business_risk_id":{"type":"integer","description":"Internal ID of the vulnerability business risk.","example":1},"business_risk_text":{"type":"string","description":"Complementary text to the business risk.","example":"QA environment => Low business risk","nullable":true},"id":{"type":"string","description":"CVE id.","example":"CVE-2016-0800"},"status_id":{"type":"integer","description":"Internal ID of the vulnerability status.","example":1},"status_text":{"type":"string","description":"Complementary text to the status.","example":"Not Relevant","nullable":true}}},"required":["business_risk_id","business_risk_text","id","status_id","status_text"]}]},"links":{"$ref":"#/components/schemas/Links"},"meta":{"$ref":"#/components/schemas/MetaVulnerabilitiesOut"}},"required":["data","links","meta"]},"VersionOut":{"type":"object","properties":{"application_version":{"type":"string","description":"Version of application.","example":"0.1.2"},"database_version":{"oneOf":[{"type":"string"},{"type":"number"}],"description":"Version of database schema.","example":1}},"required":["application_version","database_version"]},"InsightsRule":{"type":"object","properties":{"rule_id":{"type":"string","example":"CVE_2017_14491_dnsmasq|CVE_2017_14491_ERROR","description":"ID(s) of associated security rule(s)."},"description":{"type":"string","description":"Description of the rule.","example":"CVE-2017-14491 dnsmasq code execution with listening processes","nullable":true},"summary":{"type":"string","description":"Summary of the rule.","example":"A buffer overflow vulnerability was found in `Dnsmasq`, a popular lightweight DNS and DHCP server....","nullable":true},"reboot_required":{"type":"boolean","description":"Indicator whter reboot is required to mitigate vulnerability.","example":false,"nullable":true},"playbook_count":{"type":"integer","description":"Number of available Ansible playbooks for remediation/mitigation.","example":1,"nullable":true},"change_risk":{"type":"integer","description":"Indicates how likely remediation can change environment on the remediatied system.","example":1,"nullable":true},"kbase_node_id":{"type":"integer","description":"ID of associated Red Hat knowledgebase article.","example":3199382,"nullable":true},"associated_cves":{"type":"array","items":{"type":"string","example":"CVE-2016-0800"},"description":"List of CVEs associated with the rule."},"rule_impact":{"type":"integer","description":"Shows rules impact number from 1 to 4","example":1,"nullable":true},"systems_affected":{"type":"integer","description":"Number of systems affected by the rule.","example":72},"publish_date":{"type":"string","description":"Date when the rule was published.","example":"2018-05-15T13:00:00Z","nullable":true}},"required":["associated_cves","change_risk","description","kbase_node_id","playbook_count","reboot_required","rule_id","summary","rule_impact","publish_date"]},"VulnerabilitiesPostIn":{"type":"object","properties":{"cve_list":{"type":"array","description":"Array of CVEs to provide info about","items":{"type":"string","example":"CVE-2016-0800","description":"CVE id."}}},"required":["cve_list"]},"VulnerabilitiesPostOut":{"type":"object","properties":{"data":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"CVE id.","example":"CVE-2016-0800"},"type":{"type":"string","description":"Type of the record.","example":"cve"},"attributes":{"type":"object","properties":{"cvss_score":{"type":"string","description":"String representation of cvss3 or cvvs2 (if v3 is not present) score of the CVE.","example":"5.800","nullable":true},"impact":{"type":"string","description":"Red Hat security impact of the CVE.","example":"Important"},"synopsis":{"type":"string","description":"Synopsis of the CVE.","example":"CVE-2016-0800"}},"required":["cvss_score","impact","synopsis"]}},"required":["id","type","attributes"]}},"links":{"$ref":"#/components/schemas/Links"},"meta":{"allOf":[{"$ref":"#/components/schemas/Meta"},{"$ref":"#/components/schemas/MetaPermissions"}]}},"required":["data","links","meta"]},"AnnouncementOut":{"type":"object","properties":{"message":{"type":"string","description":"Announcement message.","example":"Hello from Vulnerability team :)."},"last_updated":{"type":"string","description":"Datetime string.","example":"2004-10-19 10:23:54+02"}},"required":["message","last_updated"]},"DashbarOut":{"type":"object","properties":{"exploitable_cves":{"type":"number"},"cves_with_rule":{"type":"number"},"critical_cves":{"type":"number"},"important_cves":{"type":"number"}}},"CvesWithoutErrataOut":{"type":"object","properties":{"updated":{"type":"object","properties":{"org_id":{"type":"string"},"cves_without_errata":{"type":"object","properties":{"enabled":{"type":"boolean"}}}}},"meta":{"$ref":"#/components/schemas/MetaPermissions"}},"required":["updated","meta"]},"NotificationsOut":{"type":"object","properties":{"deleted":{"type":"number","description":"Number of deleted notifications for CVEs","example":50}},"required":["deleted"]}}},"servers":[{"url":"/api/vulnerability/v1"}]}