CVE Response
Data Dictionary: CVE Response
This outlines the field types associated with the CVE Lookup Endpoint.
Field Name | Field Type | Example | Description |
---|---|---|---|
id | string | CVE-2024-12345 | The CVE ID |
details | object | { "vulnerability_name": "Acme Inc Expoilt Attempt", "vulnerability_description": "Potentially allowing Acme Inc to exploit anvil drop on new users.", "cve_cvss_score": 4.5, "product": "Acme Inc", "vendor": "Anvil Drop", "published_to_nist_nvd": true } | Metadata object with basic details on the CVE |
details.vulnerability_name | string | Acme Inc Expoilt Attempt | The name of the vulnerability |
details.vulnerability_description | string | Potentially allowing Acme Inc to exploit anvil drop on new users." | A description of the vulnerability |
details.cve_cvss_score | float | 4.5 | The current CVSS score (Common Vulnerability Scoring System) |
details.product | string | Acme Inc | The produc(s) associated with CVE |
details.vendor | string | Anvil Drop | The Vendor(s) associated with CVE |
details.published_to_nist_nvd | boolan | true | Whether this CVE is recognized by NIST |
timeline | object | { "cve_published_date": "2024-05-28T19:15:10.060", "cve_last_updated_date": "2024-05-31T16:04:09.703", "first_known_published_date": "2024-05-27T00:00:00Z", "cisa_kev_date_added": "2024-05-30T00:00:00Z" } | |
timeline.cve_published_date | datetime | 2024-05-28T19:15:10.060 | Date when CVE was published by NVD |
timeline.cve_last_updated_date | datetime | 2024-05-31T16:04:09.703 | Date when CVE record was last updated |
timeline.first_known_published_date | datetime | 2024-05-27T00:00:00Z | Date when first exploit associated with CVE was published |
timeline.cisa_kev_date_added | datetime | 2024-05-30T00:00:00Z | Date CISA added KEV entry associated with CVE |
exploitation_details | object | { "attack_vector": "NETWORK", "exploit_found": true, "exploitation_registered_in_kev": true, "epss_score": 0.94504 } | |
exploitation_details.attack_vector | string | NETWORK | The attack vector category |
exploitation_details.exploit_found | boolean | true | Whether any known exploits are available |
exploitation_details.exploitation_registered_in_kev | boolean | true | Whether exploitation has been registered in KEV database |
exploitation_details.epss_score | float | 0.94504 | EPSS Score associated with this exploitation (Exploit Prediction Scoring System) |
exploitation_stats | object | { "number_of_available_exploits": 60, "number_of_threat_actors_exploiting_vulnerability": 1, "number_of_botnets_exploiting_vulnerability": 0 } | |
exploitation_stats.number_of_available_exploits | integer | 60 | The total number of exploits available (public + commercial) |
exploitation_stats.number_of_threat_actors_exploiting_vulnerability | integer | 1 | The total number of known threat actors |
exploitation_stats.number_of_botnets_exploiting_vulnerability | integer | 0 | The total number of botnets |
exploitation_activity | object | { "activity_seen": true, "benign_ip_count_1d": 765, "benign_ip_count_10d": 765, "benign_ip_count_30d": 765, "threat_ip_count_1d": 0, "threat_ip_count_10d": 1, "threat_ip_count_30d": 14 } | |
exploitation_activity.activity_seen | boolean | true | Whether GreyNoise has seen activity |
exploitation_activity.benign_ip_count_1d | integer | 765 | The total number of benign IP GreyNoise has seen exercising (Scanning || Exploiting) this vulnerability today |
exploitation_activity.benign_ip_count_10d | integer | 765 | The total number of benign IP GreyNoise has seen exercising (Scanning || Exploiting) this vulnerability 10 days |
exploitation_activity.benign_ip_count_30d | integer | 765 | The total number of benign IP GreyNoise has seen exercising (Scanning || Exploiting) this vulnerability 30 days |
exploitation_activity.threat_ip_count_1d | integer | 0 | The total number of threat IP GreyNoise has seen exercising (Scanning || Exploiting) this vulnerability today |
exploitation_activity.threat_ip_count_10d | integer | 1 | The total number of threat IP GreyNoise has seen exercising (Scanning || Exploiting) this vulnerability 10 days |
exploitation_activity.threat_ip_count_30d | integer | 14 | The total number of threat IP GreyNoise has seen exercising (Scanning || Exploiting) this vulnerability 30 days |
Updated 4 months ago