CVEDetails
Connector Category: Enrichment Tool
About Integration
CVEDetails is a free database and information source for CVE security vulnerabilities. CVEDetails provides access to vulnerability details, exploits, references, Metasploit modules, a full list of vulnerable products, CVSS score reports, and trends over time. Intel Exchange integrates with CVEDetails to enrich vulnerabilities and get references to provide you insights into their safety, reputation, and potential security risks.
Configure CVEDetails as an Enrichment Tool
Configure CVEDetails to enrich vulnerabilities.
Before you Start
Ensure that you have the view, create, and update permissions for Enrichment Management in Intel Exchange.
Ensure that you have the base URL of your CVEDetails instance.
Steps
To configure CVEDetails as an enrichment tool in Intel Exchange, follow these steps:
Sign in to Intel Exchange, and go to Administration > Enrichment Management > Enrichment Tools.
Search and select the CVEdetails enrichment tool.
Click Add Account and enter the following details:
Account Name: Enter a unique account name to identify the instance. For example, cvedetails.com.
Base URL: Enter the base URL of your CVEDetails instance. The default base URL is
https://www.cvedetails.com/cve.API Token: Enter the API token to authenticate with CVEDetails.
Verify SSL: Select to verify the SSL certificate and secure the connection between Intel Exchange and CVEdetails servers. By default, Verify SSL is selected.
Note
We recommend you enable Verify SSL. If you disable this option, Intel Exchange may configure an instance for an expired SSL certificate. This may not establish the connection properly and Intel Exchange will not be able to notify you in case of a broken or improper connection.
Click Save.
After successfully adding an account, you can view and enable the vulnerability feed enrichment types. You can also configure quota to define a limit to the number of enrichment requests Intel Exchange makes to CVEDetails. After the quota expires, you cannot make enrichment requests until the quota resets for the next quota duration. For more information, see Define Quota in Configure Enrichment Tools.
To understand the number of API calls and quota units consumed by the CVEDetails enrichment tool per polling, refer to the following table:
Enrichment Tool | Feed Enrichment Type | Number of API calls | Quota Consumed | API Endpoint |
|---|---|---|---|---|
CVEDetails | Vulnerability | 1 | 1 |
|
You can configure an enrichment policy to automatically enrich threat data objects using the CVEDetails enrichment tool. For more information, see Configure Enrichment Policy.