CIRCL CVE Search
This Integration is part of the CIRCL Pack.#
Supported versions
Supported Cortex XSOAR versions: 6.5.0 and later.
Searches for CVE information using circl.lu.
Configure CIRCL CVE Search in Cortex#
| Parameter | Description | Required |
|---|---|---|
| Source Reliability | Reliability of the source providing the intelligence data. | True |
| Server URL | True | |
| Use system proxy settings | False | |
| Trust any certificate (not secure) | False |
Commands#
You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
cve-latest#
Deprecated. use NVD feed 2.0 instead. Returns the latest updated CVEs.
Base Command#
cve-latest
Input#
| Argument Name | Description | Required |
|---|---|---|
| limit | The maximum number of CVEs to display. | Optional |
Context Output#
| Path | Type | Description |
|---|---|---|
| CVE.ID | String | The ID of the CVE. |
| CVE.CVSS | Number | The CVSS score of the CVE. |
| CVE.Published | Date | The date the CVE was published. |
| CVE.Modified | Date | The date that the CVE was last modified. |
| CVE.Description | String | The description of the CVE. |
| DBotScore.Indicator | String | The indicator value. |
| DBotScore.Score | Number | The indicator score. |
| DBotScore.Type | String | The indicator type. |
| DBotScore.Vendor | String | The vendor reporting the score of the indicator. |
Human Readable Output#
| CVSS | The CVE CVSS Score |
| Description | CVE Description |
| ID | CVE ID |
| Modified | The date the CVE was modified |
| Published | The date the CVE was published |
cve#
Returns CVE information by CVE ID.
Base Command#
cve
Input#
| Argument Name | Description | Required |
|---|---|---|
| cve | A comma-separated list of CVE IDs to search | Required |
Context Output#
| Path | Type | Description |
|---|---|---|
| CVE.ID | String | The ID of the CVE. |
| CVE.CVSS.Score | Number | The CVSS score of the CVE. |
| CVE.CVSS.Vector | String | The CVSS vector of the CVE. |
| CVE.CVSS.Table | Dict | The CVSS table of the CVE. |
| CVE.Published | Date | The date the CVE was published. |
| CVE.Modified | Date | The date that the CVE was last modified. |
| CVE.Description | String | The description of the CVE. |
| CVE.vulnerableconfigurations | Dict | Vulnerable configurations in CPE format |
| CVE.vulnerableproduct | Dict | Vulnerable products in CPE format |
| CVE.Tags | List | A list of tags |
| CVE.Relationships | List | List of relationships for the CVE |
| DBotScore.Indicator | String | The indicator that was tested. |
| DBotScore.Score | Number | The actual score. |
| DBotScore.Type | String | The indicator type. |
| DBotScore.Vendor | String | The vendor used to calculate the score. |
Command Example#
!cve cve=CVE-2014-1234
Context Example#
Human Readable Output#
| CVSS | 4.3 |
| Description | XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97. This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the user’s device. |
| ID | CVE-2022-1234 |
| Modified | 2022-04-13T15:03:00 |
| Published | 2022-04-06T04:15:00 |