Skip to content

Get FalconContainerVulnerability

Jump to bottom
bk-cs edited this page Sep 4, 2024 · 10 revisions

Get-FalconContainerVulnerability

SYNOPSIS

Search for Falcon Cloud Security container image vulnerabilities

DESCRIPTION

Requires 'Falcon Container Image: Read'.

PARAMETERS

Name Type Description Min Max Allowed Pipeline PipelineByName
Id String CVE identifier X X
Filter String Falcon Query Language expression to limit results

base_os
cid
container_id
container_running_status
containers_impacted_range
cps_rating
cve_id
cvss_score
description
exploited_status
exploited_status_name
fix_status
image_digest
image_id
images_impacted_range
package_name_version
registry
repository
severity
tag
Sort String Property and direction to sort results cps_current_rating.asc
cps_current_rating.desc
cve_id.asc
cve_id.desc
cvss_score.asc
cvss_score.desc
description.asc
description.desc
images_impacted.asc
images_impacted.desc
packages_impacted.asc
packages_impacted.desc
severity.asc
severity.desc
Limit Int32 Maximum number of results per request
Offset Int32 Position to begin retrieving results
All Switch Repeat requests until all available results are retrieved
Total Switch Display total result count instead of results

SYNTAX

Get-FalconContainerVulnerability [[-Filter] <String>] [[-Sort] <String>] [[-Limit] <Int32>] [-Offset <Int32>] [-All] [-Total] [-WhatIf] [-Confirm] [<CommonParameters>]
Get-FalconContainerVulnerability -Id <String> [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

GET /container-security/combined/vulnerabilities/info/v1
GET /container-security/combined/vulnerabilities/v1

falconpy

ReadCombinedVulnerabilities
ReadCombinedVulnerabilitiesInfo

USAGE

Request vulnerability results

$Package = @(
    @{
        Vendor = 'Debian MySQL Maintainers <[email protected]>'
        Product = 'mariadb-server-core-10.1'
        MajorVersion = '10.1.26-0+deb9u1'
        SoftwareArchitecture = 'amd64'
        PackageProvider = 'DPKG'
        PackageSource = 'mariadb-10.1 10.126-0+deb9u1'
        Status = 'install ok installed'
        LayerHash = '80f9a8427b1826f014f873dc471b6a89916ff79550bcd1c94aadd78c3f5bbdc7'
        LayerIndex = 1
    }
)
Get-FalconContainerVulnerability -OsVersion 'Debian GNU 9' -Package $Package

2024-09-03: PSFalcon v2.2.7

Clone this wiki locally