{"uuid": "2898b5b8-abcf-424c-bf16-aae78a7b36af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26612", "type": "seen", "source": "https://gist.github.com/gfussNET/873e9e64a9664e3b146176c7102074b0", "content": "### Create Service Account in Wiz\n- Save Client ID and Client Secret\n### Obtain Bearer Token with Service Account\n```bash\ncurl --request POST \\ \n--url 'https://auth.app.wiz.io/oauth/token' \\\n--header 'content-type: application/x-www-form-urlencoded' \\\n--data grant_type=client_credentials \\\n--data client_id=asdfasdfasdf \\\n--data client_secret=asdfasdfasdf \\\n--data audience=wiz-api\n```\n- In returned JSON, the bearer token is \"access_token\"\n### Create a JSON file of the GraphQL query\nAs the query will be a larger JSON string, it's best to place it in a file that we can reference with the -d or --data flag of curl\nquery.json\n```json\n {\n \"query\": \"query VulnerabilityFindingsPage($filterBy: VulnerabilityFindingFilters, $first: Int, $after: String, $orderBy: VulnerabilityFindingOrder) { vulnerabilityFindings( filterBy: $filterBy first: $first after: $after orderBy: $orderBy ) { nodes { id portalUrl name CVEDescription CVSSSeverity score exploitabilityScore severity nvdSeverity weightedSeverity impactScore origin dataSourceName hasExploit hasFix hasCisaKevExploit status isHighProfileThreat vendorSeverity firstDetectedAt lastDetectedAt resolvedAt description remediation detailedName version fixedVersion detectionMethod link locationPath artifactType { ...SBOMArtifactTypeFragment } resolutionReason epssSeverity epssPercentile epssProbability validatedInRuntime layerMetadata { id details isBaseLayer } vcsCodeAuthors { name properties } vcsCodeOwners { name properties } projects { id name slug businessUnit riskProfile { businessImpact } } ignoreRules { id name enabled expiredAt } cvssv2 { attackVector attackComplexity confidentialityImpact integrityImpact privilegesRequired userInteractionRequired } cvssv3 { attackVector attackComplexity confidentialityImpact integrityImpact privilegesRequired userInteractionRequired availabilityImpact } relatedIssueAnalytics { issueCount criticalSeverityCount highSeverityCount mediumSeverityCount lowSeverityCount informationalSeverityCount } cnaScore vulnerableAsset { ... on VulnerableAssetBase { id type name region providerUniqueId cloudProviderURL cloudPlatform nativeType status subscriptionName subscriptionExternalId subscriptionId tags hasLimitedInternetExposure hasWideInternetExposure isAccessibleFromVPN isAccessibleFromOtherVnets isAccessibleFromOtherSubscriptions } ... on VulnerableAssetVirtualMachine { operatingSystem ipAddresses imageName computeInstanceGroup { id externalId name replicaCount tags } } ... on VulnerableAssetServerless { runtime } ... on VulnerableAssetRepositoryBranch { id type name cloudPlatform repositoryId repositoryName nativeType isUsedOnPrem } ... on VulnerableAssetContainerImage { imageId scanSource registry { name externalId } repository { name externalId } executionControllers { id name entityType externalId providerUniqueId name subscriptionExternalId subscriptionId subscriptionName ancestors { id name entityType externalId providerUniqueId } } } ... on VulnerableAssetContainer { ImageExternalId VmExternalId ServerlessContainer PodNamespace PodName NodeName } } } pageInfo { hasNextPage endCursor } } } fragment SBOMArtifactTypeFragment on SBOMArtifactType { group codeLibraryLanguage osPackageManager hostedTechnology { name } plugin custom } \",\n \"variables\": {\n \"first\": 100,\n \"filterBy\": {\n \"vulnerabilityExternalIdV2\": {\n \"equals\": [\n \"CVE-2022-26612\"\n ]\n },\n \"ignoredBy\": {\n \"isIgnoredByRule\": true\n }\n }\n }\n }\n ```\n \n### Example GraphQL query to show all Vulenrability Findings that have Ignore Rules\n```bash\ncurl -X POST \"https://api.us20.app.wiz.io/graphql\" -H \"Content-Type: application/json\" -H \"Authorization: Bearer \" -d @query.json \n```\n", "creation_timestamp": "2026-06-12T19:54:24.000000Z"}