As of December 31st, 2023 ThreadFix 2.X has reached End of Life and is no longer supported. For any further information please contact the Success and Implementation team.

Mark Vulnerability as Verified - API

/rest/{version}/vulnerabilities/{vulnId}/setVerified

Descriptor

Value

HTTP Method

POST

Description

Update the specified vulnerability's Verified status

Required Permission

Update Vulnerability Verified Status

Version Introduced2.7.2
Changes in 2.7.9Added a parameter 'verified' to control if you set the Verified status to True or False.
Changes in 2.8Added vulnerabilityIds parameter to allow for changing of multiple vulnerabilities at once.


Request Header Parameters

Parameter

Value

Required

Description

Accept

String

Yes

A value of ‘application/json’ must be provided.

Request POST Data Parameters

Parameter

Value

Required

Description

verified

Boolean

No

Provide 'true' to mark the vulnerability as Verified.  Provide 'false' to mark the vulnerability as Not Verified.

Defaults to 'true' if not provided.

vulnerabilityIdsIntegerYes**When used in ThreadFix 2.8 and above.
Provide a vulnerability ID to change the status for that vulnerability. Adding multiple vulnerabilityIds parameters allows
for changing of multiple vulnerabilities at once. 

Sample Calls: 

Version 2.7.2 to 2.7.9

curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" -X POST --data 'verified=true' http://localhost:8080/threadfix/rest/latest/vulnerabilities/{vulnerabilityId}/setVerified

Version 2.8 and higher

curl --insecure -H 'content-type: application/x-www-form-urlencoded' -H 'accept: application/json' -H 'Authorization: APIKEY {apiKey}' -X POST --data 'verified=true&vulnerabilityIds=16&vulnerabilityIds=17' http://localhost:8080/threadfix/rest/latest/vulnerabilities/setVerified

Sample Output:


{
    "message": "The vulnerability has been successfully set as verified.",
    "success": true,
    "responseCode": -1,
    "object": 241
}

www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.

This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.