Important
The improved Microsoft 365 Defender portal is now available. This new experience brings Defender for Endpoint, Defender for Office 365, Microsoft 365 Defender, and more into the Microsoft 365 Defender portal. Learn what’s new.
Applies to:
- Microsoft 365 Defender
- Microsoft Defender for Endpoint
The DeviceTvmSoftwareVulnerabilitiesKB
table in the advanced hunting schema contains the list of vulnerabilities Threat & Vulnerability Management assesses devices for. Use this reference to construct queries that return information from the table.
For information on other tables in the advanced hunting schema, see the advanced hunting reference.
Column name | Data type | Description |
---|---|---|
CveId |
string |
Unique identifier assigned to the security vulnerability under the Common Vulnerabilities and Exposures (CVE) system |
CvssScore |
string |
Severity score assigned to the security vulnerability under th Common Vulnerability Scoring System (CVSS) |
IsExploitAvailable |
boolean |
Indicates whether exploit code for the vulnerability is publicly available |
VulnerabilitySeverityLevel |
string |
Severity level assigned to the security vulnerability based on the CVSS score and dynamic factors influenced by the threat landscape |
LastModifiedTime |
datetime |
Date and time the item or related metadata was last modified |
PublishedDate |
datetime |
Date vulnerability was disclosed to public |
VulnerabilityDescription |
string |
Description of vulnerability and associated risks |
AffectedSoftware |
string |
List of all software products affected by the vulnerability |