Home

Searching for Vulnerabilities

Use the search tokens below to search for vulnerabilities within Container and Image details. Looking for help with writing your query? click here

authType

Use a text value ##### to find vulnerabilities with an authentication type (WINDOWS_AUTH, UNIX_AUTH, ORACLE_AUTH, etc). See Authentication Types in online help for more options.

Example

Show findings with Windows auth type

authType: "WINDOWS_AUTH"

category

Use a text value ##### to find vulnerabilities having a vulnerability category (CGI, Database, DNS, BIND, etc). See Vulnerability Categories in online help for category names.

Example

Show findings with category CGI

category: "CGI"

customerSeverity

Use an integer value ##### to find vulnerabilities with this customer defined severity (1-5).

Examples

Show findings with customer-defined severity 4

customerSeverity: "4"

Show findings with customer-defined severity 5 and category DNS

customerSeverity: "5" AND category: "DNS"

cveids

Use a text value ##### to find the CVE name you're interested in.

Example

Show findings with CVE name CVE-2015-0313

cveids: CVE-2015-0313

cvssInfo.accessVector

Use a text value ##### to find vulnerabilities with specific CVSS access vector.

Example

Show findings with CVSS access vector

cvssInfo.accessVector: "Local"

cvssInfo.baseScore

Use a integer value ##### to find vulnerabilities with specific CVSS base score.

Example

Show findings with CVSS base score

cvssInfo.baseScore: "7.2"

cvssInfo.temporalScore

Use a integer value ##### to find vulnerabilities with specific CVSS temporal score.

Example

Show findings with CVSS temporal score

cvssInfo.temporalScore: "6.2"

cvss3Info.baseScore

Use a integer value ##### to find vulnerabilities with specific CVSS3 base score.

Example

Show findings with CVSS3 base score

cvss3Info.baseScore: "4.3"

cvss3Info.temporalScore

Use a integer value ##### to find vulnerabilities with specific CVSS3 temporal score.

Example

Show findings with CVSS3 temporal score

cvss3Info.temporalScore: "3.8"

discoveryType

Use a text value ##### to find vulnerabilities with a discovery type (REMOTE or AUTHENTICATED).

Example

Show findings with Remote discovery type

discoveryType: "REMOTE"

firstFound

Use a date range or specific date to define when vulnerabilities were first found.

Examples

Show findings first found within certain dates

firstFound: [2017-10-01 ... 2017-10-12]

Show findings first found starting 2017-10-01, ending 1 month ago

firstFound: [2017-10-01 ... now-1M]

Show findings first found starting 2 weeks ago, ending 1 second ago

firstFound: [now-2w ... now-1s]

Show findings first found on certain date

firstFound:'2017-09-22'

Show findings first found in the past 10 days with severity 5

firstFound > now-10d AND severity: "5"

fixed

Use a date range or specific date to define when vulnerabilities were fixed.

Examples

Show findings fixed within certain dates

fixed: [2017-10-01 ... 2017-10-12]

Show findings fixed starting 2017-10-01, ending 1 month ago

fixed: [2017-10-01 ... now-1M]

Show findings fixed starting 2 weeks ago, ending 1 second ago

fixed: [now-2w ... now-1s]

Show findings fixed on certain date

fixed:'2017-09-22'

Show findings fixed in the past 10 days with severity 5

fixed > now-10d AND severity: "5"

lastFound

Use a date range or specific date to define when vulnerabilities were last found.

Examples

Show findings last found within certain dates

lastFound: [2017-10-02 ... 2017-10-15]

Show findings last found starting 2017-10-01, ending 1 month ago

lastFound: [2017-10-01 ... now-1M]

Show findings last found starting 2 weeks ago, ending 1 second ago

lastFound: [now-2w ... now-1s]

Show findings last found on certain date

lastFound:'2017-10-11'

Show findings last found on 2017-10-12 and category CGI

lastFound: '2017-10-12' AND category: "CGI"

product

Use a text value ##### to find vulnerabilities on a certain vendor product (moodle, gnome, code-crafters, etc). See Product References in online help for vendor names.

Example

Show findings for this product

product: "moodle"

result

Use a text value ##### to find software packages that have vulnerabilities. This is scan (QID) test result generated by signature.

Example

Show findings with libexpat1 2.1.0-6+deb8u3 2.1.0-6+deb8u4

result: "libexpat1 2.1.0-6+deb8u3 2.1.0-6+deb8u4"

risk

Use an integer value ##### to find vulnerabilities having a certain risk rating. For confirmed and potential issues risk is 10 times severity, for information gathered it is severity.

Example

Show findings with risk 50

risk: 50

severity

Use an integer value ##### to find vulnerabilities with this Qualys defined severity (1-5).

Example

Show findings with severity 4

severity: "4"

Show findings with severity 5 and category DNS

severity: "5" AND category: "DNS"

status

Use a text value ##### to find vulnerabilities with a vulnerability status (OPEN, FIXED or REOPENED).

Example

Show findings with this status

status: "OPEN"

supportedBy

Use a text value ##### to find vulnerabilities that are supported by a Qualys product (VM, WAS, MD, WAF, CA-Windows Agent, CA-Linux Agent, CA-Mac Agent).

Example

Show findings supported by VM

supportedBy: "VM"

threatIntel.activeAttacks

Use the values true | false to find vulnerabilities leading to real-time threats due to active attacks.

Example

Show containers exposed to threats due to active attacks

threatIntel.activeAttacks: true

threatIntel.denialOfService

Use the values true | false to find vulnerabilities leading to real-time threats due to denial of service.

Example

Show containers having threats due to denial of service

threatIntel.denialOfService: true

threatIntel.easyExploit

Use the values true | false to find vulnerabilities leading to real-time threats due to easy exploit.

Example

Show containers exposed to threats due to easy exploit

threatIntel.easyExploit: true

threatIntel.highDataLoss

Use the values true | false to find vulnerabilities leading to real-time threats due to high data loss.

Example

Show containers exposed to threats due to high data loss

threatIntel.highDataLoss: true

threatIntel.highLateralMovement

Use the values true | false to find vulnerabilities leading to real-time threats due to high lateral movement.

Example

Show containers exposed to threats due to high lateral movement

threatIntel.highLateralMovement: true

threatIntel.malware

Use the values true | false to find vulnerabilities leading to real-time threats due to malware.

Example

Show containers exposed to threats due to malware

threatIntel.malware: true

threatIntel.noPatch

Use the values true | false to find vulnerabilities leading to real-time threats due to no patch available.

Example

Show containers exposed to threats due to no patch available

threatIntel.noPatch: true

threatIntel.publicExploit

Use the values true | false to find vulnerabilities leading to real-time threats due to public exploit.

Example

Show containers exposed to threats due to public exploit

threatIntel.publicExploit: true

typeDetected

Use a text value ##### to find vulnerabilities with a detection type (CONFIRMED or POTENTIAL).

Example

Show findings with this detection type

typeDetected: "CONFIRMED"

vendor

Use a text value ##### to find vulnerabilities on product from a certain vendor. See Vendor References in online help for vendor names.

Example

Show findings for this vendor

vendor: "vendor-name"

qid

Use an integer value ##### to provide a QID to find certain vulnerability.

Example

Show findings with QID 90405

qid: 90405

title

Use an text value ##### to provide a title to find certain vulnerability.

Example

Show findings with title

title: title text

software.name

Use a text value ##### to find vulnerability present in certain software.

Example

Show findings with software name

software.name: my-app

software.version

Use a text value ##### to find vulnerability present in certain software version.

Example

Show findings with software version

software.version: 8.0

software.fixVersion

Use a text value ##### to find vulnerability present in certain software fix version.

Example

Show findings with certain fix version

software.fixVersion: 8.0