Exploit & Vulnerability Intelligence

Vulnerability Intelligence

Leverage the vulnerability intelligence features within VulnCheck Exploit & Vulnerability Intelligence to get the industry's fastest and most comprehensive vulnerability intelligence available and solve the vulnerability prioritization challenge today.

VulnCheck Vulnerability Intelligence service provides vulnerability enrichment, CPE Enrichment, CVSS temporal scores, vulnerability categorization data, and embeds rich exploit intelligence to go well above and beyond what the NIST NVD provides.

VulnCheck Vulnerability Intelligence is an autonomous system that tracks hundreds of vendor and government advisories, and then marries that data with best-in-class exploit intelligence from VulnCheck.

Unlike other vulnerability databases, VulnCheck includes the latest information on a wider range of vulnerabilities, including:

  • Vulnerabilities in Open Source packages / dependencies
  • Vulnerabilities in ICS/OT, IoMT, IoT, mobile, etc., devices

VulnCheck Exploit & Vulnerability Intelligence also includes unique fields, typically unavailable in other alternative sources, such as:

  • Categorization (e.g., ICS/OT, IoMT, IoT, Mobile, Server Software, etc.)
  • Faster & Cleaner Common Platform Enumeration (CPE)
  • CVSS Temporal Enrichment (CVSS-BT) / CVSS V4 Enrichment
  • MITRE ATT&CK mapping
  • MITRE Attack Patterns (CAPEC) mapping
  • CWE associations for pre-2008 CVEs
  • More vendor advisory references
  • More vulnerability database references
  • More exploit references
  • Fewer broken links
  • EPSS Enrichment
  • Ability to query by Package URL (purl)
  • Vulnerability Status

Download vulncheck-nvd2

The VulnCheck API makes it easy to download VulnCheck Vulnerability Intelligence. To start, simply query the vulncheck-nvd2 index via the /v3/backup/vulncheck-nvd2 API as follows:

curl --request GET \
    --url https://api.vulncheck.com/v3/backup/vulncheck-nvd2 \
    --header 'Accept: application/json' \
    --header 'Authorization: Bearer insert_token_here'

Access Individual vulncheck-nvd2 CVE Records

The VulnCheck API makes it easy to get started with VulnCheck Exploit & Vulnerability Intelligence. To start, simply query the vulncheck-nvd2 index via the /v3/index/:index?cve=:cve API as follows:

curl --request GET \
    --url 'https://api.vulncheck.com/v3/index/vulncheck-nvd2?cve=CVE-2024-21762' \
    --header 'Accept: application/json' \
    --header 'Authorization: Bearer insert_token_here'

The above example searches the vulncheck-nvd2 index for information on CVE-2024-21762.

Example API Response for vulncheck-nvd2 by CVE

After calling the /v3/index/vulncheck-nvd2?cve=:cve API endpoint with a valid CVE identifier, a response similar to the below will be returned:

{
  "_benchmark": 0.095634,
  "_meta": {
    "index": "vulncheck-nvd2",
    // ...
  },
  "data": [
    {
      "id": "CVE-2024-21762",
      "sourceIdentifier": "psirt@fortinet.com",
      "vulnStatus": "Analyzed",
      "published": "2024-02-09T09:15:08.087Z",
      "lastModified": "2024-02-13T18:21:14.607Z",
      "cisaExploitAdd": "2024-02-09T00:00:00Z",
      "vulncheckKEVExploitAdd": "2024-02-08T00:00:00Z",
      "cisaActionDue": "2024-02-16T00:00:00Z",
      "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "cisaVulnerabilityName": "Fortinet FortiOS Out-of-Bound Write Vulnerability",
      "descriptions": [
        {
          "lang": "en",
          "value": "A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests"
        },
        {
          "lang": "es",
          "value": "Una escritura fuera de los límites en Fortinet FortiOS versiones 7.4.0 a 7.4.2, 7.2.0 a 7.2.6, 7.0.0 a 7.0.13, 6.4.0 a 6.4.14, 6.2.0 a 6.2.15 , 6.0.0 a 6.0.17, y versiones de FortiProxy 7.4.0 a 7.4.2, 7.2.0 a 7.2.8, 7.0.0 a 7.0.14, 2.0.0 a 2.0.13, 1.2.0 a 1.2.13 , 1.1.0 a 1.1.6, 1.0.0 a 1.0.7. Permite al atacante ejecutar código o comandos no autorizados a través de solicitudes específicamente manipuladas"
        }
      ],
      "references": [
        {
          "status": "active",
          "lang": "ru",
          "name": "Уязвимость службы sslvpnd операционных систем FortiOS, позволяющая нарушителю выполнить произвольный код или произвольные команды",
          "url": "https://bdu.fstec.ru/vul/2024-01125",
          "refsource": "BDU",
          "tags": [
            "Vendor Advisory"
          ],
          "date_added": "2024-02-08T00:00:00Z"
        },
        {
          "status": "active",
          "lang": "en",
          "name": "Warning: Two Critical Vulnerabilities Affect Multiple Fortinet Products",
          "url": "https://cert.be/en/advisory/warning-two-critical-vulnerabilities-affect-multiple-fortinet-products",
          "refsource": "CERT-BE",
          "tags": [
            "Vendor Advisory"
          ],
          "date_added": "2024-02-12T00:00:00Z"
        },
        {
          "status": "active",
          "lang": "en",
          "name": "Multiple Vulnerabilities in Siemens Products",
          "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES02&VLCODE=CIAD-2024-0019",
          "refsource": "CERT-IN",
          "tags": [
            "Vendor Advisory"
          ],
          "date_added": "2024-03-21T00:00:00Z"
        }
        // ...
      ],
      "metrics": {
        "cvssMetricV31": [
          {
            "source": "nvd@nist.gov",
            "type": "Primary",
            "cvssData": {
              "version": "3.1",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "attackVector": "NETWORK",
              "attackComplexity": "LOW",
              "privilegesRequired": "NONE",
              "userInteraction": "NONE",
              "scope": "UNCHANGED",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL"
            },
            "exploitabilityScore": 3.9,
            "impactScore": 5.9
          },
          {
            "source": "psirt@fortinet.com",
            "type": "Secondary",
            "cvssData": {
              "version": "3.1",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "attackVector": "NETWORK",
              "attackComplexity": "LOW",
              "privilegesRequired": "NONE",
              "userInteraction": "NONE",
              "scope": "UNCHANGED",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL"
            },
            "exploitabilityScore": 3.9,
            "impactScore": 5.9
          }
        ],
        "temporalCVSSV31": {
          "version": "3.1",
          "vectorString": "E:H/RL:X/RC:C",
          "exploitCodeMaturity": "HIGH",
          "remediationLevel": "NOT_DEFINED",
          "reportConfidence": "CONFIRMED",
          "temporalScore": 9.8,
          "associatedBaseMetricV3": {
            "source": "nvd@nist.gov",
            "type": "Primary",
            "baseScore": 9.8
          }
        },
        "temporalCVSSV31Secondary": [
          {
            "version": "3.1",
            "vectorString": "E:H/RL:X/RC:C",
            "exploitCodeMaturity": "HIGH",
            "remediationLevel": "NOT_DEFINED",
            "reportConfidence": "CONFIRMED",
            "temporalScore": 9.8,
            "associatedBaseMetricV3": {
              "source": "psirt@fortinet.com",
              "type": "Secondary",
              "baseScore": 9.8
            }
          }
        ],
        "epss": {
          "epss_score": 0.01842,
          "epss_percentile": 0.88426,
          "last_modified": "2024-06-28T10:05:46.084968Z"
        }
      },
      "weaknesses": [
        {
          "source": "psirt@fortinet.com",
          "type": "Primary",
          "description": [
            {
              "lang": "en",
              "value": "CWE-787",
              "name": "Out-of-bounds Write",
              "url": "https://cwe.mitre.org/data/definitions/787.html"
            }
          ]
        }
      ],
      "configurations": [
        {
          "nodes": [
            {
              "operator": "OR",
              "cpeMatch": [
                {
                  "vulnerable": true,
                  "criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "1.0.0",
                  "versionEndExcluding": "2.0.14",
                  "matchCriteriaId": "614BFD88-3C7A-4F6F-BD26-F53E4BC464D7"
                },
                {
                  "vulnerable": true,
                  "criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "7.0.0",
                  "versionEndExcluding": "7.0.15",
                  "matchCriteriaId": "72ED8947-DBF3-483B-B267-117403A3D8E3"
                }
                // ...
              ]
            }
          ]
        }
      ],
      "vcConfigurations": [
        {
          "nodes": [
            {
              "operator": "OR",
              "cpeMatch": [
                {
                  "vulnerable": true,
                  "criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "1.0.0",
                  "versionEndIncluding": "1.0.7",
                  "matchCriteriaId": ""
                },
                {
                  "vulnerable": true,
                  "criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "7.4.0",
                  "versionEndIncluding": "7.4.2",
                  "matchCriteriaId": ""
                }
                // ...
              ]
            }
          ]
        },
        {
          "nodes": [
            {
              "operator": "OR",
              "cpeMatch": [
                {
                  "vulnerable": true,
                  "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "6.0.0",
                  "versionEndIncluding": "6.0.17",
                  "matchCriteriaId": ""
                },
                {
                  "vulnerable": true,
                  "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "7.4.0",
                  "versionEndIncluding": "7.4.2",
                  "matchCriteriaId": ""
                }
                // ...
              ]
            }
          ]
        }
      ],
      "vulnerableCPEs": [
        "cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:fortinet:fortiproxy:1.0.1:*:*:*:*:*:*:*"
        // ...
      ],
      "vcVulnerableCPEs": [
        "cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:fortinet:fortiproxy:1.0.1:*:*:*:*:*:*:*"
        // ...
      ],
      "STATUS": "Analyzed",
      "categorization": {
        "tags": [
          "ICS/OT",
          "IoT"
        ]
      },
      "relatedAttackPatterns": [
        {
          "lang": "en",
          "capec_id": "CAPEC-100",
          "capec_name": "Overflow Buffers",
          "capec_url": "https://capec.mitre.org/data/definitions/100.html"
        }
      ],
      "mitreAttackTechniques": [
        {
          "id": "T0819",
          "url": "https://attack.mitre.org/techniques/T0819",
          "name": "Exploit Public-Facing Application",
          "domain": "ICS",
          "tactics": [
            "initial-access"
          ],
          "subtechnique": false
        },
        {
          "id": "T0866",
          "url": "https://attack.mitre.org/techniques/T0866",
          "name": "Exploitation of Remote Services",
          "domain": "ICS",
          "tactics": [
            "initial-access",
            "lateral-movement"
          ],
          "subtechnique": false
        }
      ],
      "date_added": "2024-02-08T00:00:00Z",
      "documentGenerationDate": "2024-06-28T12:06:40.053130613Z"
    }
  ]
}

The above example response shows what the vulncheck-nvd2 index returns for CVE-2024-21762.

Vulncheck-NVD2 Attribute Details

| Attribute | Meaning |
| --- | --- |
| id | CVE Identifier |
| sourceIdentifier | CVE Numbering Authority - When the CVE has not yet been published on CVE.org, this field will be blank |
| vulnStatus | NVD vulnerability status - When the CVE has not yet been published on CVE.org, this field is set to awaiting analysis |
| published | The NVD publish date - When the CVE has not yet been published on CVE.org, this field is set to "1970-01-01T00:00:00Z" |
| lastModified | The NVD last modified date - When the CVE has not yet been published on CVE.org, this field is set to "1970-01-01T00:00:00Z" |
| cisaExploitAdd | The date added to CISA KEV |
| vulncheckKEVExploitAdd | The date added to VulnCheck KEV |
| cisaActionDue | CISA KEV due date |
| cisaRequiredAction | CISA KEV required action |
| cisaVulnerabilityName | CISA KEV vulnerability name |
| descriptions | The vulnerability's description |
| date_added | The date of the first published reference or of publication to NVD, whichever happens first. |

Vulncheck-NVD2 Reference Tags

| Attribute | Meaning |
| --- | --- |
| status | The state of the data produced by the source: active, expired or moved. |
| lang | The language that the source is written in, e.g. "en" |
| name | The name or title of the reference |
| url | The reference URL |
| refsource | The source of the reference |
| tags | In addition to NVD tags, VulnCheck tags each reference source. Tags include Government Advisory, VDB Entry, Exploit, Third Party Advisory, Operating Systems, IoMT, ICS/OT, Managed File Transfer, Vendor Advisory, and Signature. |
| date_added | The date provided by the reference. |

Metrics

CVSS Metrics

VulnCheck enriches CVEs with VulnCheck Intelligence to generate CVSS temporal metrics.

| Attribute | Meaning |
| --- | --- |
| cvssMetricVxx | CVSS Base Metrics can include V2, V3/V3.1, and V4 |
| temporalCVSSVcc | CVSS Temporal Metrics can include V2, V3/3.2, and V4 |

EPSS

| EPSS Attribute | Meaning |
| --- | --- |
| epss_score | The EPSS score |
| epss_percentile | The EPSS percentile |
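The attribute tables above say that published and lastModified carry a 1970 placeholder until the CVE appears on CVE.org, which will corrupt any age or SLA calculation that treats it as a real date. The sketch below is an added example, not VulnCheck's own code: it normalizes that placeholder and reduces a record to a few triage fields. The function names and the PENDING record (with a placeholder id) are assumptions, and it reads only the v3.1 temporal key shown in the sample response.

```python
from datetime import datetime, timezone

# Placeholder the attribute table gives for CVEs not yet published on CVE.org.
UNPUBLISHED = "1970-01-01T00:00:00Z"

def parse_ts(value):
    """Parse an API timestamp; None when missing or the 1970 placeholder."""
    if not value or value == UNPUBLISHED:
        return None
    # Drop fractional seconds: the sample response mixes 3, 6 and 9 digits.
    head = value.rstrip("Z").split(".")[0]
    return datetime.strptime(head, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def triage(record):
    """Reduce one vulncheck-nvd2 record to the fields a triage queue needs."""
    metrics = record.get("metrics", {})
    vc_kev = parse_ts(record.get("vulncheckKEVExploitAdd"))
    cisa_kev = parse_ts(record.get("cisaExploitAdd"))
    return {
        "id": record["id"],
        "published": parse_ts(record.get("published")),
        "known_exploited": bool(vc_kev or cisa_kev),
        # Days VulnCheck KEV listed the CVE before CISA KEV, when both exist.
        "kev_lead_days": (cisa_kev - vc_kev).days if vc_kev and cisa_kev else None,
        "temporal_score": metrics.get("temporalCVSSV31", {}).get("temporalScore"),
        "epss_score": metrics.get("epss", {}).get("epss_score"),
    }

# Constructed samples. LISTED copies values from the response above; PENDING is
# a hypothetical record (placeholder id) that is not yet on CVE.org.
LISTED = {
    "id": "CVE-2024-21762",
    "published": "2024-02-09T09:15:08.087Z",
    "cisaExploitAdd": "2024-02-09T00:00:00Z",
    "vulncheckKEVExploitAdd": "2024-02-08T00:00:00Z",
    "metrics": {
        "temporalCVSSV31": {"temporalScore": 9.8},
        "epss": {"epss_score": 0.01842},
    },
}
PENDING = {"id": "CVE-0000-00000", "sourceIdentifier": "", "published": UNPUBLISHED}

if __name__ == "__main__":
    for rec in (LISTED, PENDING):
        print(triage(rec))
```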

SSVC Metrics

VulnCheck enriches CVEs with CISA Vulnrichment SSVC metrics and generates VulnCheck SSVC metrics using VulnCheck Intelligence. Details on VulnCheck SSVC generation are available here: https://vulncheck.com/blog/automating-ssvc

| Attribute | Meaning |
| --- | --- |
| source | Source that generated the SSVC decision |
| exploitation | Defines exploitation of the vulnerability as None, Public POC or Active |
| automatable | Defines if a vulnerability is automatable using Yes or No |
| technicalImpact | Defines the Technical Impact of a vulnerability as Partial or Total |

CPE (Common Platform Enumeration)

VulnCheck-NVD2 includes NIST NVD generated CPE and VulnCheck generated CPE. Learn more about VulnCheck CPE generation here: https://docs.vulncheck.com/products/exploit-and-vulnerability-intelligence/cpe

| Attribute | Meaning |
| --- | --- |
| configurations | NIST NVD CPE |
| vcConfigurations | VulnCheck CPE |
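In the sample response the two lists express version ranges differently: configurations uses versionEndExcluding while vcConfigurations uses versionEndIncluding, so a matcher has to honour both bound types or it will be off by one release. The following is an added example, not VulnCheck's own code, that checks an inventory version against either list. The helper names are assumptions, versionStartExcluding comes from the NVD schema rather than this page, versions are assumed to be dotted integers, and every node is treated as an OR node as in the sample.

```python
def vtuple(version):
    """Dotted numeric version as a comparable tuple (assumes digits only)."""
    return tuple(int(part) for part in version.split("."))

def entry_matches(entry, vendor, product, version):
    """True if one cpeMatch entry marks this vendor/product/version vulnerable."""
    if not entry.get("vulnerable"):
        return False
    fields = entry["criteria"].split(":")  # assumes no escaped ':' in the CPE
    if (fields[3], fields[4]) != (vendor, product):
        return False
    if fields[5] not in ("*", "-"):
        return fields[5] == version  # criteria pins one exact version
    v = vtuple(version)
    checks = {
        "versionStartIncluding": lambda b: v >= b,
        "versionStartExcluding": lambda b: v > b,
        "versionEndIncluding": lambda b: v <= b,
        "versionEndExcluding": lambda b: v < b,
    }
    # Skip absent or empty bounds; every bound that is present must hold.
    return all(ok(vtuple(entry[k])) for k, ok in checks.items() if entry.get(k))

def is_affected(record, vendor, product, version, key="vcConfigurations"):
    """Check every cpeMatch entry under `key`; nodes are treated as OR."""
    return any(
        entry_matches(entry, vendor, product, version)
        for config in record.get(key, [])
        for node in config.get("nodes", [])
        for entry in node.get("cpeMatch", [])
    )

def cpe(product, part, **bounds):
    """Build a constructed cpeMatch entry shaped like those in the response."""
    criteria = f"cpe:2.3:{part}:fortinet:{product}:*:*:*:*:*:*:*:*"
    return {"vulnerable": True, "criteria": criteria, **bounds}

# Constructed sample: a subset of the entries visible in the response above.
RECORD = {
    "configurations": [{"nodes": [{"operator": "OR", "cpeMatch": [
        cpe("fortiproxy", "a", versionStartIncluding="1.0.0", versionEndExcluding="2.0.14"),
        cpe("fortiproxy", "a", versionStartIncluding="7.0.0", versionEndExcluding="7.0.15"),
    ]}]}],
    "vcConfigurations": [{"nodes": [{"operator": "OR", "cpeMatch": [
        cpe("fortios", "o", versionStartIncluding="7.4.0", versionEndIncluding="7.4.2"),
        cpe("fortiproxy", "a", versionStartIncluding="1.0.0", versionEndIncluding="1.0.7"),
    ]}]}],
}
```

Because the sample elides most entries with `// ...`, a negative result from RECORD only reflects the entries copied here; run the check against the full record from the API before closing a finding.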

Mitre Mappings

VulnCheck generates MITRE mappings for CWE, CAPEC and ATT&CK.

| Attribute | Meaning |
| --- | --- |
| weaknesses | Common Weakness Enumeration |
| relatedAttackPatterns | CAPEC (Common Attack Pattern Enumeration and Classification) including language, CAPEC id, CAPEC name, and URL |
| mitreAttackTechniques | MITRE ATT&CK techniques including id, url, name, domain, tactics and subtechnique. |

VulnCheck Categorizations

VulnCheck categorizations include Desktop Application, Firmware, ICS/OT, IoMT, IoT, Managed File Transfer, Mobile, Open Source Library, Operating System, Server Software, Virtualization, Web Browser, and Web Framework.