Microsoft Defender · Schema
Vulnerability
Represents a known vulnerability (CVE) detected by Microsoft Defender Vulnerability Management, including severity, CVSS scoring, exploit information, and exposure metrics.
Properties
| Name | Type | Description |
|---|---|---|
| id | string | The vulnerability ID (CVE identifier). |
| name | string | The vulnerability title. |
| description | string | A detailed description of the vulnerability. |
| severity | string | The severity of the vulnerability. |
| cvssV3 | numbernull | The CVSS v3 score. |
| cvssVector | stringnull | A compressed textual representation that reflects the values used to derive the CVSS score. |
| exposedMachines | integer | The number of exposed devices. |
| publishedOn | string | The date when the vulnerability was published. |
| updatedOn | string | The date when the vulnerability was last updated. |
| publicExploit | boolean | Whether a public exploit exists. |
| exploitVerified | boolean | Whether the exploit has been verified to work. |
| exploitInKit | boolean | Whether the exploit is part of an exploit kit. |
| exploitTypes | array | The types of exploit effects. |
| exploitUris | array | Exploit source URLs. |
| cveSupportability | string | The CVE supportability status. |
| epss | numbernull | The Exploit Prediction Scoring System (EPSS) probability that the vulnerability will be exploited, expressed as a value between 0 and 1. |
| status | stringnull | The remediation status of the vulnerability. |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "#/components/schemas/Vulnerability",
"title": "Vulnerability",
"type": "object",
"description": "Represents a known vulnerability (CVE) detected by Microsoft Defender Vulnerability Management, including severity, CVSS scoring, exploit information, and exposure metrics.",
"properties": {
"id": {
"type": "string",
"description": "The vulnerability ID (CVE identifier).",
"examples": [
"CVE-2024-7256"
]
},
"name": {
"type": "string",
"description": "The vulnerability title."
},
"description": {
"type": "string",
"description": "A detailed description of the vulnerability."
},
"severity": {
"type": "string",
"description": "The severity of the vulnerability.",
"enum": [
"Low",
"Medium",
"High",
"Critical"
]
},
"cvssV3": {
"type": [
"number",
"null"
],
"format": "double",
"description": "The CVSS v3 score."
},
"cvssVector": {
"type": [
"string",
"null"
],
"description": "A compressed textual representation that reflects the values used to derive the CVSS score.",
"examples": [
"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
]
},
"exposedMachines": {
"type": "integer",
"format": "int64",
"description": "The number of exposed devices."
},
"publishedOn": {
"type": "string",
"format": "date-time",
"description": "The date when the vulnerability was published."
},
"updatedOn": {
"type": "string",
"format": "date-time",
"description": "The date when the vulnerability was last updated."
},
"publicExploit": {
"type": "boolean",
"description": "Whether a public exploit exists."
},
"exploitVerified": {
"type": "boolean",
"description": "Whether the exploit has been verified to work."
},
"exploitInKit": {
"type": "boolean",
"description": "Whether the exploit is part of an exploit kit."
},
"exploitTypes": {
"type": "array",
"items": {
"type": "string"
},
"description": "The types of exploit effects.",
"examples": [
[
"Local privilege escalation",
"Denial of service",
"Local"
]
]
},
"exploitUris": {
"type": "array",
"items": {
"type": "string",
"format": "uri"
},
"description": "Exploit source URLs."
},
"cveSupportability": {
"type": "string",
"description": "The CVE supportability status.",
"enum": [
"Supported",
"NotSupported",
"SupportedInPremium"
]
},
"epss": {
"type": [
"number",
"null"
],
"description": "The Exploit Prediction Scoring System (EPSS) probability that the vulnerability will be exploited, expressed as a value between 0 and 1.",
"minimum": 0,
"maximum": 1
},
"status": {
"type": [
"string",
"null"
],
"description": "The remediation status of the vulnerability.",
"enum": [
"RemediationRequired",
"NoActionRequired",
"UnderException",
"PartialException",
null
]
}
}
}