Exploit And Vulnerability Intelligence
Vulnerability Intelligence
Leverage the vulnerability intelligence features within VulnCheck Exploit & Vulnerability Intelligence to get the industry's fastest and most comprehensive vulnerability intelligence available and solve the vulnerability prioritization challenge today.
VulnCheck Vulnerability Intelligence service provides vulnerability enrichment, CPE Enrichment, CVSS temporal scores, vulnerability categorization data, and embeds rich exploit intelligence to go well above and beyond what the NIST NVD provides.
VulnCheck Vulnerability Intelligence is an autonomous system that tracks hundreds of vendor and government advisories, and then marries that data with best-in-class exploit intelligence from VulnCheck.
Unlike other vulnerability databases, VulnCheck includes the latest information on a wider range of vulnerabilities, including:
- Vulnerabilities in Open Source packages / dependencies
- Vulnerabilities in ICS/OT, IoMT, IoT, mobile, etc., devices
VulnCheck Exploit & Vulnerability Intelligence also includes unique fields, typically unavailable in other alternative sources, such as:
- Categorization (e.g., ICS/OT, IoMT, IoT, Mobile, Server Software, etc.)
- Faster & Cleaner Common Platform Enumeration(CPE)
- CVSS Temporal Enrichment (CVSS-BT) / CVSS V4 Enrichment
- MITRE ATT&CK mapping
- MITRE Attack Patterns (CAPEC) mapping
- CWE associations for pre-2008 CVEs
- More vendor advisory references
- More vulnerability database references
- More exploit references
- Less broken links
- EPSS Enrichment
- Ability to query by Package URL (purl)
- Vulnerability Status
Download vulncheck-nvd2
The VulnCheck API makes it easy to download VulnCheck Vulnerability Intelligence. To start, simply query the vulncheck-nvd2 index via the `/v3/backup/vulncheck-nvd2 API as follows:
curl --request GET \
--url https://api.vulncheck.com/v3/backup/vulncheck-nvd2 \
--header 'Accept: application/json' \
--header 'Authorization: Bearer insert_token_here'
Access Individual vulncheck-nvd2 CVE Records
The VulnCheck API makes it easy to get started with VulnCheck Exploit & Vulnerability Intelligence. To start, simply query the vulncheck-nvd2 index via the /v3/index/:index?cve=:cve API as follows:
curl --request GET \
--url https://api.vulncheck.com/v3/index/vulncheck-nvd2?cve=CVE-2024-21762 \
--header 'Accept: application/json' \
--header 'Authorization: Bearer insert_token_here'
The above example searches the vulncheck-nvd2 index for information on CVE-2024-21762.
Example API Response for vulncheck-nvd2 by CVE
After calling the /v3/index/vulncheck-nvd2?cve=:cve API endpoint with a valid CVE identifier, a response similar to the below will be returned:
{
"_benchmark": 0.095634,
"_meta": {
"index": "vulncheck-nvd2",
// ...
},
"data": [
{
"id": "CVE-2024-21762",
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"published": "2024-02-09T09:15:08.087Z",
"lastModified": "2024-02-13T18:21:14.607Z",
"cisaExploitAdd": "2024-02-09T00:00:00Z",
"vulncheckKEVExploitAdd": "2024-02-08T00:00:00Z",
"cisaActionDue": "2024-02-16T00:00:00Z",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Fortinet FortiOS Out-of-Bound Write Vulnerability",
"descriptions": [
{
"lang": "en",
"value": "A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests"
},
{
"lang": "es",
"value": "Una escritura fuera de los límites en Fortinet FortiOS versiones 7.4.0 a 7.4.2, 7.2.0 a 7.2.6, 7.0.0 a 7.0.13, 6.4.0 a 6.4.14, 6.2.0 a 6.2.15 , 6.0.0 a 6.0.17, y versiones de FortiProxy 7.4.0 a 7.4.2, 7.2.0 a 7.2.8, 7.0.0 a 7.0.14, 2.0.0 a 2.0.13, 1.2.0 a 1.2.13 , 1.1.0 a 1.1.6, 1.0.0 a 1.0.7. Permite al atacante ejecutar código o comandos no autorizados a través de solicitudes específicamente manipuladas"
}
],
"references": [
{
"status": "active",
"lang": "ru",
"name": "Уязвимость службы sslvpnd операционных систем FortiOS, позволяющая нарушителю выполнить произвольный код или произвольные команды",
"url": "https://bdu.fstec.ru/vul/2024-01125",
"refsource": "BDU",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-08T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "Warning: Two Critical Vulnerabilities Affect Multiple Fortinet Products",
"url": "https://cert.be/en/advisory/warning-two-critical-vulnerabilities-affect-multiple-fortinet-products",
"refsource": "CERT-BE",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-12T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "Multiple Vulnerabilities in Siemens Products",
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES02&VLCODE=CIAD-2024-0019",
"refsource": "CERT-IN",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-03-21T00:00:00Z"
}
// ...
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"temporalCVSSV31": {
"version": "3.1",
"vectorString": "E:H/RL:X/RC:C",
"exploitCodeMaturity": "HIGH",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "CONFIRMED",
"temporalScore": 9.8,
"associatedBaseMetricV3": {
"source": "nvd@nist.gov",
"type": "Primary",
"baseScore": 9.8
}
},
"temporalCVSSV31Secondary": [
{
"version": "3.1",
"vectorString": "E:H/RL:X/RC:C",
"exploitCodeMaturity": "HIGH",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "CONFIRMED",
"temporalScore": 9.8,
"associatedBaseMetricV3": {
"source": "psirt@fortinet.com",
"type": "Secondary",
"baseScore": 9.8
}
}
],
"epss": {
"epss_score": 0.01842,
"epss_percentile": 0.88426,
"last_modified": "2024-06-28T10:05:46.084968Z"
}
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787",
"name": "Out-of-bounds Write",
"url": "https://cwe.mitre.org/data/definitions/787.html"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "2.0.14",
"matchCriteriaId": "614BFD88-3C7A-4F6F-BD26-F53E4BC464D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.15",
"matchCriteriaId": "72ED8947-DBF3-483B-B267-117403A3D8E3"
}
// ...
]
}
]
}
],
"vcConfigurations": [
{
"nodes": [
{
"operator": "OR",
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndIncluding": "1.0.7",
"matchCriteriaId": ""
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndIncluding": "7.4.2",
"matchCriteriaId": ""
}
// ...
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndIncluding": "6.0.17",
"matchCriteriaId": ""
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndIncluding": "7.4.2",
"matchCriteriaId": ""
}
// ...
]
}
]
}
],
"vulnerableCPEs": [
"cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.0.1:*:*:*:*:*:*:*"
// ...
],
"vcVulnerableCPEs": [
"cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.0.1:*:*:*:*:*:*:*"
// ...
],
"STATUS": "Analyzed",
"categorization": {
"tags": [
"ICS/OT",
"IoT"
]
},
"relatedAttackPatterns": [
{
"lang": "en",
"capec_id": "CAPEC-100",
"capec_name": "Overflow Buffers",
"capec_url": "https://capec.mitre.org/data/definitions/100.html"
}
],
"mitreAttackTechniques": [
{
"id": "T0819",
"url": "https://attack.mitre.org/techniques/T0819",
"name": "Exploit Public-Facing Application",
"domain": "ICS",
"tactics": [
"initial-access"
],
"subtechnique": false
},
{
"id": "T0866",
"url": "https://attack.mitre.org/techniques/T0866",
"name": "Exploitation of Remote Services",
"domain": "ICS",
"tactics": [
"initial-access",
"lateral-movement"
],
"subtechnique": false
}
],
"date_added": "2024-02-08T00:00:00Z",
"documentGenerationDate": "2024-06-28T12:06:40.053130613Z"
}
]
}
The above example response shows what the
vulncheck-nvd2index returns forCVE-2024-21762.
Exploit Intelligence
Leverage best-in-class exploit intelligence from VulnCheck to understand the state of vulnerability exploitation for a given vulnerability.
Vulnerability Enrichment
VulnCheck generates unique vulnerability enrichment that is then incorporated into VulnCheck's Exploit and Vulnerability Intelligence services.
