Feature Request: Filter Vulnerability Export by Asset UUID
Endpoint: POST /vulns/export
Problem
Currently, the Vulnerability Management export API does not support filtering vulnerabilities by asset_uuid. This makes it difficult to retrieve a consolidated view of all vulnerabilities associated with a specific asset.
The available workarounds have significant limitations:
- Filtering by
cidr_range may return vulnerabilities from multiple assets sharing the same IP, or miss assets with dynamic/multiple IPs.
- Filtering by
scan_uuid only returns vulnerabilities detected in a single scan execution, not the full consolidated history of the asset.
In contrast, the WAS export API (POST /was/v1/export/vulns) already supports asset_uuid as a filter. Having the same capability in the VM export API would provide consistency across both products.
Proposed Solution
Add asset_uuid as a supported filter parameter in the POST /vulns/export endpoint, accepting one or more UUIDs:
{
"filters": {
"asset_uuid": [
"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
],
"state": ["OPEN", "REOPENED"]
}
}Use Case
When building integrations or dashboards that aggregate vulnerability data per asset — across both VM and WAS sources — it is essential to query vulnerabilities using a stable, unique identifier. The asset_uuid is already shared across both products and is the natural key for this kind of cross-source correlation.
Expected Behavior
The export should return all open/reopened/fixed vulnerabilities associated with the specified asset UUID(s), reflecting the consolidated state as shown in the Tenable Vulnerability Management UI.
Current Behavior
The asset_uuid filter is not available in POST /vulns/export. The closest alternative (cidr_range) is unreliable for assets with dynamic or multiple IP addresses.
Additional Context
- The WAS export API already supports this filter:
POST /was/v1/export/vulns → filters.asset_uuid
- This feature would significantly simplify integrations that need a unified vulnerability view per asset across VM and WAS sources.
Feature Request: Filter Vulnerability Export by Asset UUID
Endpoint:
POST /vulns/exportProblem
Currently, the Vulnerability Management export API does not support filtering vulnerabilities by
asset_uuid. This makes it difficult to retrieve a consolidated view of all vulnerabilities associated with a specific asset.The available workarounds have significant limitations:
cidr_rangemay return vulnerabilities from multiple assets sharing the same IP, or miss assets with dynamic/multiple IPs.scan_uuidonly returns vulnerabilities detected in a single scan execution, not the full consolidated history of the asset.In contrast, the WAS export API (
POST /was/v1/export/vulns) already supportsasset_uuidas a filter. Having the same capability in the VM export API would provide consistency across both products.Proposed Solution
Add
asset_uuidas a supported filter parameter in thePOST /vulns/exportendpoint, accepting one or more UUIDs:{ "filters": { "asset_uuid": [ "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" ], "state": ["OPEN", "REOPENED"] } }Use Case
When building integrations or dashboards that aggregate vulnerability data per asset — across both VM and WAS sources — it is essential to query vulnerabilities using a stable, unique identifier. The
asset_uuidis already shared across both products and is the natural key for this kind of cross-source correlation.Expected Behavior
The export should return all open/reopened/fixed vulnerabilities associated with the specified asset UUID(s), reflecting the consolidated state as shown in the Tenable Vulnerability Management UI.
Current Behavior
The
asset_uuidfilter is not available inPOST /vulns/export. The closest alternative (cidr_range) is unreliable for assets with dynamic or multiple IP addresses.Additional Context
POST /was/v1/export/vulns→filters.asset_uuid