Asset Management v2 API
Vulnerability Management API
Asset Tagging v1 API
Platform v1 API
Query API v1
Retrieve a specific suspected vulnerability
Fetches detailed information for a single suspected vulnerability by its unique identifier. Returns comprehensive vulnerability data including metadata, triage information, and related assets.
curl --request GET \
--url https://{environment}.synack.com/api/vulnerability/v1/organizations/{organizationUid}/suspected-vulnerabilities/{id}{
"suspectedVulnerability": {
"id": 2000,
"assetUid": "ah28034gsjdf98eqwgbjufj",
"listingUid": "ah28034gsjdf",
"listingCodename": "ACME-H001",
"organizationUid": "ah28034gsjdf",
"categoryInScope": true,
"confidence": "firm",
"cvssBase": 5.4,
"exploitableLocations": [
{}
],
"falsePositive": true,
"payload": {},
"referenceUrls": [
"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring_ec2.html",
"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html"
],
"severity": "low",
"source": "synack",
"sourceId": "job-abc-123",
"vulnerabilityStatusId": 123,
"reasonTitle": "<string>",
"reasonDescription": "<string>",
"automatedTriageStatus": "<string>",
"automatedTriageStatusUpdatedAt": "2023-12-25T15:45:30.123Z",
"cves": [
"CVE-2025-1238923"
],
"cwes": [
"CWE-1238923"
],
"status": "<string>",
"typeId": "Type-69d55e",
"typeTitle": "SQL Injection",
"typeCategoryId": "<string>",
"typeCategoryParentName": "<string>",
"typeCategoryChildName": "<string>",
"typeDescription": "<string>",
"exploitableVulnerabilityId": "test_e859b6a8371c-m001-4",
"createdAt": "2023-12-25T15:45:30.123Z",
"lastDetectedAt": "2023-12-25T15:45:30.123Z",
"triageIneligibleReason": "Triage already started or performed.",
"solution": "Microsoft has released security update KB5002113 to address this issue.",
"vendorRiskScore": 1.3,
"triages": [
{
"id": "<string>",
"content": {
"thoughts": [
{
"triageId": "<string>",
"targetId": "<string>",
"thoughtId": "<string>",
"thoughtType": "<string>",
"thoughtContent": "<string>",
"toolExecution": {
"name": "<string>",
"input": "<string>",
"output": "<string>",
"error": "<string>"
},
"block": {
"parentThoughtId": "<string>",
"predecessorThoughtId": "<string>"
},
"addedAt": "2023-11-07T05:31:56Z"
}
],
"report": "<string>"
}
}
]
},
"metadata": {
"pagination": {
"total": 123,
"page": 123,
"perPage": 123,
"totalPages": 123,
"prev": "<string>",
"next": "<string>",
"first": "<string>",
"last": "<string>",
"self": "<string>"
},
"actions": {}
}
}Path Parameters
Unique identifier for the organization that owns the vulnerability being retrieved
Unique identifier for the specific suspected vulnerability to retrieve
Response
Successfully retrieved detailed information for a single suspected vulnerability, including associated triage data and related metadata.
Extended suspected vulnerability schema that includes embedded triage assessments. Used specifically for single vulnerability responses where triage data is included.
Show child attributes
Show child attributes
Unique numeric identifier for the suspected vulnerability
2000
Unique identifier for the asset where the vulnerability was discovered
"ah28034gsjdf98eqwgbjufj"
Unique identifier for the penetration testing listing/engagement scope
"ah28034gsjdf"
Human-readable codename for the penetration testing engagement
"ACME-H001"
Unique identifier for the organization that owns this vulnerability
"ah28034gsjdf"
Indicates whether this vulnerability category is within the current testing scope
Confidence level of the vulnerability assessment (e.g., 'firm', 'tentative', 'certain')
"firm"
CVSS (Common Vulnerability Scoring System) base score indicating severity (0-10 scale)
5.4
Flag indicating whether this vulnerability has been determined to be a false positive
External reference URLs providing additional context about the vulnerability
[
"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring_ec2.html",
"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html"
]Normalized severity classification (e.g., 'low', 'medium', 'high', 'critical')
"low"
Tool or system that originally detected this vulnerability
"synack"
Unique identifier for the source job or detection run that created this vulnerability
"job-abc-123"
Numeric identifier for the vulnerability's current status in the workflow
Brief title explaining the reason for the current status or assessment
Detailed explanation of the reasoning behind the current status or triage decision
Current status of the vulnerability in the automated triage workflow
ISO 8601 timestamp when the automated triage status was last updated
"2023-12-25T15:45:30.123Z"
List of Common Vulnerabilities and Exposures (CVE) identifiers associated with this vulnerability
List of Common Weakness Enumeration (CWE) identifiers classifying this vulnerability type
Current workflow status of the vulnerability (e.g., 'eligible', 'vulnerable', 'not_vulnerable')
String identifier for the vulnerability type classification
"Type-69d55e"
Title of the vulnerability type
"SQL Injection"
Identifier for the category that this vulnerability type belongs to
Name of the parent category for hierarchical vulnerability classification
Name of the child category for hierarchical vulnerability classification
Description of the vulnerability type
Unique identifier linking this vulnerability to exploitable vulnerability records
"test_e859b6a8371c-m001-4"
ISO 8601 timestamp when the vulnerability was first created in the system
"2023-12-25T15:45:30.123Z"
ISO 8601 timestamp when the vulnerability was most recently detected or confirmed
"2023-12-25T15:45:30.123Z"
Reason why the vulnerability is not eligible for automated triage
"Triage already started or performed."
Solution to the vulnerability
"Microsoft has released security update KB5002113 to address this issue."
A risk score value provided by the vendor of the imported vulnerability.
1.3
Associated triage assessments for this vulnerability
Show child attributes
Show child attributes
Unique identifier for this triage assessment
Detailed content of the triage analysis
Show child attributes
Show child attributes
List of analytical thoughts or observations from the triage process
Show child attributes
Show child attributes
Unique identifier for this triage assessment
Unique identifier for the target of this triage assessment
Unique identifier for this thought
Type of thought
Content of the thought
Tool execution data for a vulnerability triage, including analysis and reporting
Show child attributes
Show child attributes
Name of the tool
Input to the tool
Output of the tool
Error of the tool
Block data for a vulnerability triage, including analysis and reporting
ISO 8601 timestamp when the thought was added
Comprehensive triage report with findings and recommendations
Additional metadata accompanying API responses
Show child attributes
Show child attributes
Pagination metadata for navigating through large result sets
Show child attributes
Show child attributes
Total number of items across all pages
Current page number (1-based)
Number of items per page
Total number of pages available
URL for the previous page (null if on first page)
URL for the next page (null if on last page)
URL for the first page
URL for the last page
URL for the current page
Available actions that can be performed on the returned data
curl --request GET \
--url https://{environment}.synack.com/api/vulnerability/v1/organizations/{organizationUid}/suspected-vulnerabilities/{id}{
"suspectedVulnerability": {
"id": 2000,
"assetUid": "ah28034gsjdf98eqwgbjufj",
"listingUid": "ah28034gsjdf",
"listingCodename": "ACME-H001",
"organizationUid": "ah28034gsjdf",
"categoryInScope": true,
"confidence": "firm",
"cvssBase": 5.4,
"exploitableLocations": [
{}
],
"falsePositive": true,
"payload": {},
"referenceUrls": [
"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring_ec2.html",
"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html"
],
"severity": "low",
"source": "synack",
"sourceId": "job-abc-123",
"vulnerabilityStatusId": 123,
"reasonTitle": "<string>",
"reasonDescription": "<string>",
"automatedTriageStatus": "<string>",
"automatedTriageStatusUpdatedAt": "2023-12-25T15:45:30.123Z",
"cves": [
"CVE-2025-1238923"
],
"cwes": [
"CWE-1238923"
],
"status": "<string>",
"typeId": "Type-69d55e",
"typeTitle": "SQL Injection",
"typeCategoryId": "<string>",
"typeCategoryParentName": "<string>",
"typeCategoryChildName": "<string>",
"typeDescription": "<string>",
"exploitableVulnerabilityId": "test_e859b6a8371c-m001-4",
"createdAt": "2023-12-25T15:45:30.123Z",
"lastDetectedAt": "2023-12-25T15:45:30.123Z",
"triageIneligibleReason": "Triage already started or performed.",
"solution": "Microsoft has released security update KB5002113 to address this issue.",
"vendorRiskScore": 1.3,
"triages": [
{
"id": "<string>",
"content": {
"thoughts": [
{
"triageId": "<string>",
"targetId": "<string>",
"thoughtId": "<string>",
"thoughtType": "<string>",
"thoughtContent": "<string>",
"toolExecution": {
"name": "<string>",
"input": "<string>",
"output": "<string>",
"error": "<string>"
},
"block": {
"parentThoughtId": "<string>",
"predecessorThoughtId": "<string>"
},
"addedAt": "2023-11-07T05:31:56Z"
}
],
"report": "<string>"
}
}
]
},
"metadata": {
"pagination": {
"total": 123,
"page": 123,
"perPage": 123,
"totalPages": 123,
"prev": "<string>",
"next": "<string>",
"first": "<string>",
"last": "<string>",
"self": "<string>"
},
"actions": {}
}
}