Skip to main content

CVE Search v2

Overview#


Search CVE Information - powered by circl.lu This integration was integrated and tested with CVE Search (Version 2.1).

Use Cases#

  1. Getting information about a specific cve
  2. Getting the latest published cve's

Configure CVE Search on Cortex XSOAR#


  1. Navigate to Settings > Integrations > Servers & Services.
  2. Search for CVE Search v2.
  3. Click Add instance to create and configure a new integration instance.
    • Name: a textual name for the integration instance.
    • Server URL
  4. Click Test to validate the URLs and connection.

Commands#


You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

  1. cve-latest
  2. cve

1. cve-latest#


Retruns the latest updated CVEs.

Base Command#

cve-latest

Input#
Argument NameDescriptionRequired
Context Output#
PathTypeDescription
CVE.IDStringThe ID of the CVE.
CVE.CVSSStringThe CVSS score of the CVE.
CVE.PublishedDateThe date the CVE was published.
CVE.ModifiedDateWhen CVE was last modified.
CVE.DescriptionStringThe description of the CVE.
Command Example#

!cve-latest limit=2

Context Example#
{
"CVE": [
{
"ID": "CVE-2020-7998",
"Published": "2020-01-28T05:15:00",
"CVSS": 5,
"Modified": "2020-01-28T05:15:00",
"Description": "An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. The vulnerability is located in the developer path that is accessible and hidden next to the root path. By default, there is no password set for the FTP or Web UI service."
},
{
"ID": "CVE-2020-7997",
"Published": "2020-01-28T05:15:00",
"CVSS": 5,
"Modified": "2020-01-28T05:15:00",
"Description": "ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the Client Name field to the Parental Control feature."
},
]
}
Human Readable Output#

Integration log: {'CVE(val.ID === obj.ID)': [{'ID': 'CVE-2020-7998', 'CVSS': 5.0, 'Published': '2020-01-28T05:15:00', 'Modified': '2020-01-28T05:15:00', 'Description': 'An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. The vulnerability is located in the developer path that is accessible and hidden next to the root path. By default, there is no password set for the FTP or Web UI service.'}, {'ID': 'CVE-2020-7997', 'CVSS': 5.0, 'Published': '2020-01-28T05:15:00', 'Modified': '2020-01-28T05:15:00', 'Description': 'ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the Client Name field to the Parental Control feature.'}]}

cicle.lu Latest CVEs#

CVSSDescriptionIDModifiedPublished
5.0An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. The vulnerability is located in the developer path that is accessible and hidden next to the root path. By default, there is no password set for the FTP or Web UI service.CVE-2020-79982020-01-28T05:15:002020-01-28T05:15:00
5.0ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the Client Name field to the Parental Control feature.CVE-2020-79972020-01-28T05:15:002020-01-28T05:15:00

2. cve#


Search CVE by ID

Base Command#

cve

Input#
Argument NameDescriptionRequired
cve_idA comma separated list of CVE IDs to search.Required
Context Output#
PathTypeDescription
CVE.IDStringThe ID of the CVE.
CVE.CVSSStringThe CVSS score of the CVE.
CVE.PublishedDateThe date the CVE was published.
CVE.ModifiedDateThe date the CVE was last modified.
CVE.DescriptionStringThe description of the CVE.
Command Example#

!cve cve_id=CVE-2014-1234

Context Example#
{
"CVE": [
{
"ID": "CVE-2014-1234",
"Published": "2014-01-10T12:02:00",
"CVSS": 2.1,
"Modified": "2014-01-10T17:57:00",
"Description": "The paratrooper-newrelic gem 1.0.1 for Ruby allows local users to obtain the X-Api-Key value by listing the curl process."
}
]
}
Human Readable Output#

Integration log: {'CVE(val.ID === obj.ID)': [{'ID': 'CVE-2014-1234', 'CVSS': 2.1, 'Published': '2014-01-10T12:02:00', 'Modified': '2014-01-10T17:57:00', 'Description': 'The paratrooper-newrelic gem 1.0.1 for Ruby allows local users to obtain the X-Api-Key value by listing the curl process.'}]}

CVE Search results#

CVSSDescriptionIDModifiedPublished
2.1The paratrooper-newrelic gem 1.0.1 for Ruby allows local users to obtain the X-Api-Key value by listing the curl process.CVE-2014-12342014-01-10T17:57:002014-01-10T12:02:00