Skip to main content

CIRCL CVE Search

This Integration is part of the CIRCL Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.5.0 and later.

Searches for CVE information using circl.lu.

Configure CIRCL CVE Search on Cortex XSOAR#

  1. Navigate to Settings > Integrations > Data Enrichment & Threat Intelligence.

  2. Search for CIRCL.

  3. Click Add instance to create and configure a new integration instance.

    ParameterRequired
    Server URLTrue
    Use system proxy settingsFalse
    Trust any certificate (not secure)False
  4. Click Test to validate the URLs, token, and connection.

Commands#

You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

cve-latest#


Returns the latest updated CVEs.

Base Command#

cve-latest

Input#

Argument NameDescriptionRequired
limitThe maximum number of CVEs to display.Optional

Context Output#

PathTypeDescription
CVE.IDStringThe ID of the CVE.
CVE.CVSSNumberThe CVSS score of the CVE.
CVE.PublishedDateThe date the CVE was published.
CVE.ModifiedDateThe date that the CVE was last modified.
CVE.DescriptionStringThe description of the CVE.
DBotScore.IndicatorStringThe indicator value.
DBotScore.ScoreNumberThe indicator score.
DBotScore.TypeStringThe indicator type.
DBotScore.VendorStringThe vendor reporting the score of the indicator.
Human Readable Output#
CVSSThe CVE CVSS Score
DescriptionCVE Description
IDCVE ID
ModifiedThe date the CVE was modified
PublishedThe date the CVE was published

cve#


Returns CVE information by CVE ID.

Base Command#

cve

Input#

Argument NameDescriptionRequired
cveA comma-separated list of CVE IDs to searchRequired

Context Output#

PathTypeDescription
CVE.IDStringThe ID of the CVE.
CVE.CVSS.ScoreNumberThe CVSS score of the CVE.
CVE.CVSS.VectorStringThe CVSS vector of the CVE.
CVE.CVSS.TableDictThe CVSS table of the CVE.
CVE.PublishedDateThe date the CVE was published.
CVE.ModifiedDateThe date that the CVE was last modified.
CVE.DescriptionStringThe description of the CVE.
CVE.vulnerableconfigurationsDictVulnerable configurations in CPE format
CVE.vulnerableproductDictVulnerable products in CPE format
CVE.TagsListA list of tags
CVE.RelationshipsListList of relationships for the CVE
DBotScore.IndicatorStringThe indicator that was tested.
DBotScore.ScoreNumberThe actual score.
DBotScore.TypeStringThe indicator type.
DBotScore.VendorStringThe vendor used to calculate the score.
Command Example#

!cve cve=CVE-2014-1234

Context Example#
{
"CVE": [
{
"ID": "CVE-2014-1234",
"Published": "2014-01-10T12:02:00",
"CVSS": 2.1,
"Modified": "2014-01-10T17:57:00",
"Description": "The paratrooper-newrelic gem 1.0.1 for Ruby allows local users to obtain the X-Api-Key value by listing the curl process."
}
]
}
Human Readable Output#
CVSS4.3
DescriptionXSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97. This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the user’s device.
IDCVE-2022-1234
Modified2022-04-13T15:03:00
Published2022-04-06T04:15:00