Get Asset IP Vulnerability
Retrieves detailed information about a specified asset IP vulnerability.
Required Permissions
Available to users with the Member role or higher.
HTTP Request
GET /api/sonar/ip-address-vulnerabilities/:guid
cURL Example
curl -H "Authorization: Bearer <API_KEY>" \
https://HOSTNAME/api/sonar/ip-address-vulnerabilities/9c4e2f3a-1b2d-4c5e-9f8a-3d2c1b4a5e6f
Request Parameters
| Key | Required | Type | Description | Note |
|---|---|---|---|---|
| guid | O | String | Asset IP vulnerability GUID | 36 characters |
Success Response
{
"vulnerability": {
"guid": "9c4e2f3a-1b2d-4c5e-9f8a-3d2c1b4a5e6f",
"cve_id": "CVE-2024-12345",
"status": "IN_PROGRESS",
"emp_guid": "8d352716-cc2e-4e9b-8e00-4cc707ef78fe",
"emp_name": "John Doe",
"diagnosis": "2025-08-13 21:31:55+0900",
"scheduled": "2025-08-20 00:00:00+0900",
"completed": null,
"cvss2": 7.5,
"cvss3": 9.1,
"cvss4": null
}
}
- vulnerability (Object): Asset IP vulnerability information
- guid (String): Vulnerability unique identifier
- cve_id (String): CVE identifier
- status (String): Status (
UNRESOLVED,REVIEWING,IN_PROGRESS,RISK_ACCEPTED,RESOLVED) - emp_guid (String): Contact GUID
- emp_name (String): Contact name
- diagnosis (String): Diagnosis date and time (
yyyy-MM-dd HH:mm:ssZformat) - scheduled (String): Scheduled remediation date (
yyyy-MM-dd HH:mm:ssZformat) - completed (String): Remediation completion date and time (
yyyy-MM-dd HH:mm:ssZformat) - cvss2 (64-bit float): CVSS 2.0 score
- cvss3 (64-bit float): CVSS 3.x score
- cvss4 (64-bit float): CVSS 4.0 score
Error Responses
Asset IP vulnerability does not exist
HTTP status code 200
{
"vulnerability": null
}
Invalid GUID format
HTTP status code 400
{
"error_code": "invalid-param-type",
"error_msg": "guid should be guid type."
}
No permission
HTTP status code 500
{
"error_code": "illegal-state",
"error_msg": "no-permission"
}