What I recommend you do instead is work with the results of show-threat-protections offline so you're not hitting the API server so hard.
You can then use scripting and jq to parse the results from the files, which will most likely be significantly faster.
In the below examples, I am logged into the management server in expert mode.
To create a reusable API session for my successive API calls, I did:
mgmt_cli -r true login > sid.txt
You can find out the default number of results returned by the API call and the total number you have to parse through using
mgmt_cli -s sid.txt show threat-protections --format json | jq '{limit: .to, total: .total}'
You can then generate successive calls like the following to get all the results into a single file (advancing the offset for each call):
mgmt_cli -s sid.txt show threat-protections details-level full offset 50 --format json | jq '.protections[] | {uid: .uid, name: .name, "industry-reference": ."industry-reference"}' >> ips.json
Once you've got all the results in a single file, log out:
mgmt_cli -s sid logout
Once you've got all the results in a single file, you can use jq to query against those results and get only the uid of the protection you need to modify:
cat ips.json | jq -r 'select (."industry-reference"[]? == "CVE-2020-3807") | .uid'
Obviously, all of this can be scripted.