2025/08/08 - Inspector2 - 1 updated api methods
Changes Add CVSSV4 to Vulnerability Search API and update enable/disable account id list length to 5
{'vulnerabilities': {'cvss4': {'baseScore': 'double',
'scoringVector': 'string'}}}
Lists Amazon Inspector coverage details for a specific vulnerability.
See also: AWS API Documentation
Request Syntax
client.search_vulnerabilities(
filterCriteria={
'vulnerabilityIds': [
'string',
]
},
nextToken='string'
)
dict
[REQUIRED]
The criteria used to filter the results of a vulnerability search.
vulnerabilityIds (list) -- [REQUIRED]
The IDs for specific vulnerabilities.
(string) --
string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.
dict
Response Syntax
{
'vulnerabilities': [
{
'id': 'string',
'cwes': [
'string',
],
'cisaData': {
'dateAdded': datetime(2015, 1, 1),
'dateDue': datetime(2015, 1, 1),
'action': 'string'
},
'source': 'NVD',
'description': 'string',
'atigData': {
'firstSeen': datetime(2015, 1, 1),
'lastSeen': datetime(2015, 1, 1),
'targets': [
'string',
],
'ttps': [
'string',
]
},
'vendorSeverity': 'string',
'cvss4': {
'baseScore': 123.0,
'scoringVector': 'string'
},
'cvss3': {
'baseScore': 123.0,
'scoringVector': 'string'
},
'relatedVulnerabilities': [
'string',
],
'cvss2': {
'baseScore': 123.0,
'scoringVector': 'string'
},
'vendorCreatedAt': datetime(2015, 1, 1),
'vendorUpdatedAt': datetime(2015, 1, 1),
'sourceUrl': 'string',
'referenceUrls': [
'string',
],
'exploitObserved': {
'lastSeen': datetime(2015, 1, 1),
'firstSeen': datetime(2015, 1, 1)
},
'detectionPlatforms': [
'string',
],
'epss': {
'score': 123.0
}
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
vulnerabilities (list) --
Details about the listed vulnerability.
(dict) --
Contains details about a specific vulnerability Amazon Inspector can detect.
id (string) --
The ID for the specific vulnerability.
cwes (list) --
The Common Weakness Enumeration (CWE) associated with the vulnerability.
(string) --
cisaData (dict) --
An object that contains the Cybersecurity and Infrastructure Security Agency (CISA) details for the vulnerability.
dateAdded (datetime) --
The date and time CISA added this vulnerability to their catalogue.
dateDue (datetime) --
The date and time CISA expects a fix to have been provided vulnerability.
action (string) --
The remediation action recommended by CISA for this vulnerability.
source (string) --
The source of the vulnerability information. Possible results are RHEL, AMAZON_CVE, DEBIAN or NVD.
description (string) --
A description of the vulnerability.
atigData (dict) --
An object that contains information about the Amazon Web Services Threat Intel Group (ATIG) details for the vulnerability.
firstSeen (datetime) --
The date and time this vulnerability was first observed.
lastSeen (datetime) --
The date and time this vulnerability was last observed.
targets (list) --
The commercial sectors this vulnerability targets.
(string) --
ttps (list) --
The MITRE ATT&CK tactics, techniques, and procedures (TTPs) associated with vulnerability.
(string) --
vendorSeverity (string) --
The severity assigned by the vendor.
cvss4 (dict) --
An object that contains the Common Vulnerability Scoring System (CVSS) Version 4 details for the vulnerability.
baseScore (float) --
The base CVSS v4 score for the vulnerability finding, which rates the severity of the vulnerability on a scale from 0 to 10.
scoringVector (string) --
The CVSS v4 scoring vector, which contains the metrics and measurements that were used to calculate the base score.
cvss3 (dict) --
An object that contains the Common Vulnerability Scoring System (CVSS) Version 3 details for the vulnerability.
baseScore (float) --
The CVSS v3 base score for the vulnerability.
scoringVector (string) --
The scoring vector associated with the CVSS v3 score.
relatedVulnerabilities (list) --
A list of related vulnerabilities.
(string) --
cvss2 (dict) --
An object that contains the Common Vulnerability Scoring System (CVSS) Version 2 details for the vulnerability.
baseScore (float) --
The CVSS v2 base score for the vulnerability.
scoringVector (string) --
The scoring vector associated with the CVSS v2 score.
vendorCreatedAt (datetime) --
The date and time when the vendor created this vulnerability.
vendorUpdatedAt (datetime) --
The date and time when the vendor last updated this vulnerability.
sourceUrl (string) --
A link to the official source material for this vulnerability.
referenceUrls (list) --
Links to various resources with more information on this vulnerability.
(string) --
exploitObserved (dict) --
An object that contains details on when the exploit was observed.
lastSeen (datetime) --
The date an time when the exploit was last seen.
firstSeen (datetime) --
The date an time when the exploit was first seen.
detectionPlatforms (list) --
Platforms that the vulnerability can be detected on.
(string) --
epss (dict) --
An object that contains the Exploit Prediction Scoring System (EPSS) score for a vulnerability.
score (float) --
The Exploit Prediction Scoring System (EPSS) score.
nextToken (string) --
The pagination parameter to be used on the next list operation to retrieve more items.