@@ -4,7 +4,7 @@ title: Container vulnerability assessments powered by Microsoft Defender Vulnera
44description : Learn about container vulnerability assessments powered by Microsoft Defender Vulnerability Management subassessments
55author : dcurwin
66ms.author : dacurwin
7- ms.date : 08/16 /2023
7+ ms.date : 09/11 /2023
88ms.topic : how-to
99---
1010
@@ -33,7 +33,7 @@ For more information on how to get started with our REST API, see [Azure REST AP
3333| Name | In | Required | Type | Description |
3434| ----------------- | ----- | -------- | ------ | ------------------------------------------------------------ |
3535| assessmentName | path | True | string | The Assessment Key - Unique key for the assessment type |
36- | scope | path | True | string | Scope of the query. Can be subscription (/subscriptions/0b06d9ea-afe6-4779-bd59-30e5c2d9d13f ) or management group (/providers/Microsoft.Management/managementGroups/mgName). |
36+ | scope | path | True | string | Scope of the query. Can be subscription (/subscriptions/{SubscriptionID} ) or management group (/providers/Microsoft.Management/managementGroups/mgName). |
3737| subAssessmentName | path | True | string | The Sub-Assessment Key - Unique key for the subassessment type |
3838| api-version | query | True | string | API version for the operation |
3939
8787
8888#### GET
8989
90- ` https://management.azure.com/subscriptions/ 6ebb89c4-0e91-4f62-888f-c9518e662293 /resourceGroups/myResourceGroup/providers/Microsoft.ContainerRegistry/registries/myRegistry/providers/Microsoft.Security/assessments/ cf02effd-8e33-4b84-a012-1e61cf1a5638 /subAssessments?api-version=2019-01-01-preview `
90+ ` https://management.azure.com/subscriptions/{SubscriptionID} /resourceGroups/myResourceGroup/providers/Microsoft.ContainerRegistry/registries/myRegistry/providers/Microsoft.Security/assessments/{SubscriptionID} /subAssessments?api-version=2019-01-01-preview `
9191
9292#### Sample Response
9393
9696 "value" : [
9797 {
9898 "type" : " Microsoft.Security/assessments/subAssessments"
99- "id" : " /subscriptions/3905431d-c062-4c17-8fd9-c51f89f334c4 /resourceGroups/PytorchEnterprise/providers/Microsoft.ContainerRegistry/registries/ptebic/providers/Microsoft.Security/assessments/c0b7cfc6-3172-465a-b378-53c7ff2cc0d5/subassessments/3f069764-2777-3731-9698-c87f23569a1d"
100- "name" : " 3f069764-2777-3731-9698-c87f23569a1d "
99+ "id" : " /subscriptions/{SubscriptionID} /resourceGroups/PytorchEnterprise/providers/Microsoft.ContainerRegistry/registries/ptebic/providers/Microsoft.Security/assessments/c0b7cfc6-3172-465a-b378-53c7ff2cc0d5/subassessments/3f069764-2777-3731-9698-c87f23569a1d"
100+ "name" : " {name} "
101101 "properties" : {
102102 "id" : " CVE-2021-39537"
103103 "displayName" : " CVE-2021-39537"
@@ -253,7 +253,7 @@ Context details for the affected container image
253253| artifactType | String: ContainerImage | |
254254| mediaType | String | Layer media type |
255255| Digest | String | Digest of vulnerable image |
256- | Tags | String[ ] | Tags of vulnerable image |
256+ | Tags | String | Tags of vulnerable image |
257257
258258### Software Details
259259
@@ -269,7 +269,7 @@ Details for the affected software package
269269| vendor | String | |
270270| packageName | String | |
271271| fixStatus | String | Unknown, FixAvailable, NoFixAvailable, Scheduled, WontFix |
272- | evidence | String[ ] | Evidence for the package |
272+ | evidence | String | Evidence for the package |
273273| fixReference | FixReference | |
274274
275275### FixReference
@@ -303,9 +303,9 @@ Details on the detected vulnerability
303303| publishedDate | Timestamp | Published date |
304304| ExploitabilityAssessment | ExploitabilityAssessment | |
305305| CVSS | Dictionary <string, CVSS> | Dictionary from cvss version to cvss details object |
306- | Workarounds | Workaround[ ] | Published workarounds for vulnerability |
306+ | Workarounds | Workaround | Published workarounds for vulnerability |
307307| References | VulnerabilityReference | |
308- | Weaknesses | Weakness[ ] | |
308+ | Weaknesses | Weakness | |
309309| cveId | String | CVE ID |
310310| Cpe | CPE | |
311311
@@ -329,7 +329,7 @@ Details on the detected vulnerability
329329
330330| ** Name** | ** Type** | ** Description** |
331331| -------- | -------- | --------------- |
332- | Cwe | Cwe[ ] | |
332+ | Cwe | Cwe | |
333333
334334### Cwe (Common weakness enumeration)
335335
@@ -354,11 +354,11 @@ Reference links to an example exploit
354354
355355| ** Name** | ** Type** | ** Description** |
356356| --------------------- | -------- | ------------------------------------------------------------ |
357- | exploitUris | String[ ] | |
357+ | exploitUris | String | |
358358| exploitStepsPublished | Boolean | Had the exploits steps been published |
359359| exploitStepsVerified | Boolean | Had the exploit steps verified |
360360| isInExploitKit | Boolean | Is part of the exploit kit |
361- | types | String[ ] | Exploit types, for example: NotAvailable, Dos, Local, Remote, WebApps, PrivilegeEscalation |
361+ | types | String | Exploit types, for example: NotAvailable, Dos, Local, Remote, WebApps, PrivilegeEscalation |
362362
363363### AzureResourceDetails
364364
@@ -375,9 +375,9 @@ Common error response for all Azure Resource Manager APIs to return error detail
375375
376376| ** Name** | ** Type** | ** Description** |
377377| -------------------- | ------------------------------------------------------------ | -------------------------- |
378- | error.additionalInfo | [ ErrorAdditionalInfo] ( /rest/api/defenderforcloud/sub-assessments/list#erroradditionalinfo ) [ ] | The error additional info. |
378+ | error.additionalInfo | [ ErrorAdditionalInfo] ( /rest/api/defenderforcloud/sub-assessments/list#erroradditionalinfo ) | The error additional info. |
379379| error.code | string | The error code. |
380- | error.details | [ CloudErrorBody] ( /rest/api/defenderforcloud/sub-assessments/list?tabs=HTTP#clouderrorbody ) [ ] | The error details. |
380+ | error.details | [ CloudErrorBody] ( /rest/api/defenderforcloud/sub-assessments/list?tabs=HTTP#clouderrorbody ) | The error details. |
381381| error.message | string | The error message. |
382382| error.target | string | The error target. |
383383
@@ -387,9 +387,9 @@ The error detail.
387387
388388| ** Name** | ** Type** | ** Description** |
389389| -------------- | ------------------------------------------------------------ | -------------------------- |
390- | additionalInfo | [ ErrorAdditionalInfo] ( /rest/api/defenderforcloud/sub-assessments/list#erroradditionalinfo ) [ ] | The error additional info. |
390+ | additionalInfo | [ ErrorAdditionalInfo] ( /rest/api/defenderforcloud/sub-assessments/list#erroradditionalinfo ) | The error additional info. |
391391| code | string | The error code. |
392- | details | [ CloudErrorBody] ( /rest/api/defenderforcloud/sub-assessments/list#clouderrorbody ) [ ] | The error details. |
392+ | details | [ CloudErrorBody] ( /rest/api/defenderforcloud/sub-assessments/list#clouderrorbody ) | The error details. |
393393| message | string | The error message. |
394394| target | string | The error target. |
395395
@@ -429,4 +429,4 @@ List of security subassessments
429429| ** Name** | ** Type** | ** Description** |
430430| -------- | ------------------------------------------------------------ | ------------------------------------- |
431431| nextLink | string | The URI to fetch the next page. |
432- | value | [ SecuritySubAssessment] ( /rest/api/defenderforcloud/sub-assessments/list?tabs=HTTP#securitysubassessment ) [ ] | Security subassessment on a resource |
432+ | value | [ SecuritySubAssessment] ( /rest/api/defenderforcloud/sub-assessments/list?tabs=HTTP#securitysubassessment ) | Security subassessment on a resource |
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments