National Vulnerability Database
App Vendor: NIST
App Category: Vulnerability Management
Connector Version: 1.2.1
API Version: v2
About App
The National Vulnerability Database (NVD) is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance.
The National Vulnerability Database app is configured with Orchestrate to perform the following actions:
Action Name | Description |
---|---|
List CVEs | This action lists the CVEs (Common Vulnerabilities and Exposures) from the National Vulnerability Database. |
Get CVE Details | This action retrieves the details of a CVE (Common Vulnerabilities and Exposures). |
Configuration Parameters
The following configuration parameters are required for the National Vulnerability Database app to communicate with the National Vulnerability Database enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
---|---|---|---|---|
API Key | Enter the API credentials obtained from the National Vulnerability Database website. | Password | Required | An API key can be requested at https://nvd.nist.gov/developers/request-an-api-key. |
Verify | Choose whether to verify the SSL/TLS certificate when making requests. It is recommended to set this option to yes; because the default is False, set it explicitly. Setting it to no may result in an incorrectly established connection. | Boolean | Optional | Default value: False |
Timeout | Enter the timeout value in seconds. This is the number of seconds that requests will wait to establish a connection with the National Vulnerability Database. | Integer | Optional | Allowed range: 15-120. Default value: 15. |
Action: List CVEs
This action lists the CVEs from the National Vulnerability Database.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
---|---|---|---|---|
Severity | Enter the severity to filter the vulnerabilities. Example: medium | Text | Optional | Allowed values: |
CWE ID | Enter a CWE ID (Common Weakness Enumeration). Example: CWE-1228 | Text | Optional | |
Keyword | Enter a keyword to search vulnerabilities. Example: Java | Text | Optional | This parameter is used to retrieve records where a word or phrase is found in the vulnerability description or reference links. |
Published Start Date | Enter the datetime, in yyyy-mm-ddthh:mm:ss:sss z format, after which the vulnerabilities were added. Example: 2020-02-01T12:00:00:000 Z | Text | Optional | If you filter the vulnerabilities by date, then both the start and end dates must be specified. |
Published End Date | Enter the datetime, in yyyy-mm-ddthh:mm:ss:sss z format, before which the vulnerabilities were added. Example: 2020-05-01T12:00:00:000 Z | Text | Optional | If you filter the vulnerabilities by date, then both the start and end dates must be specified. |
Page Size | Enter the maximum number of results to be displayed. Example: 10 | Text | Optional | Default value: 20. Maximum value: 2000. |
Start Index | Enter the start index to get responses from. Example: 21 | Text | Optional | Default value: 0 |
Extra Params | Enter the extra parameters. | Key Value | Optional | Allowed keys: |
Example Request
[ { "severity": "medium", "cwe_id": "CWE-1228", "keyword": "Java", "published_start_date": "2020-02-01T12:00:00:000 Z", "published_end_date": "2020-05-01T12:00:00:000 Z", "page_size": "10", "start_index": "21" } ]
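Added example (not part of the connector or the original page): a pre-flight check of List CVEs input against the constraints in the table above, followed by construction of the paged requests. Function names are hypothetical, the minimum page size of 1 and the non-negative start index are assumptions, and the total record count is supplied by the caller.

```python
import re
from datetime import datetime

# Field names come from the Example Request above; the limits come from the
# parameter table. Function names are hypothetical (not part of the connector).
MAX_PAGE_SIZE = 2000      # documented maximum
DEFAULT_PAGE_SIZE = 20    # documented default
DATE_RE = re.compile(r"^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}:\d{3} Z$")


def _check_date(name, value):
    """Validate the documented layout, e.g. 2020-02-01T12:00:00:000 Z."""
    if not DATE_RE.match(value):
        raise ValueError(f"{name}: expected yyyy-mm-ddThh:mm:ss:sss Z, got {value!r}")
    # strptime also rejects impossible dates such as month 13.
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%S:%f Z")


def validate_list_cves(params):
    """Return a normalized copy of List CVEs input, or raise ValueError."""
    out = dict(params)
    start = out.get("published_start_date")
    end = out.get("published_end_date")
    # The table requires both dates whenever a date filter is used.
    if bool(start) != bool(end):
        raise ValueError("both published_start_date and published_end_date are required")
    if start and _check_date("published_start_date", start) > _check_date("published_end_date", end):
        raise ValueError("published_start_date is after published_end_date")
    size = int(out.get("page_size", DEFAULT_PAGE_SIZE))
    if not 1 <= size <= MAX_PAGE_SIZE:  # lower bound of 1 is an assumption
        raise ValueError(f"page_size must be 1..{MAX_PAGE_SIZE}")
    index = int(out.get("start_index", 0))
    if index < 0:  # assumption: indices are non-negative (default is 0)
        raise ValueError("start_index must be >= 0")
    # Both fields are Text fields in the table, so keep them as strings.
    out["page_size"], out["start_index"] = str(size), str(index)
    return out


def page_requests(params, total_results):
    """Build one request per page until total_results records are covered."""
    base = validate_list_cves(params)
    size = int(base["page_size"])
    return [dict(base, start_index=str(i))
            for i in range(int(base["start_index"]), total_results, size)]
```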
Action Response Parameters
Parameter | Type | Description |
---|---|---|
| JSON Object | This parameter indicates the ID of the app instance configured in Orchestrate from which the response is retrieved. |
| JSON Object | Includes the response received from the app action. |
| String | Returns the response format. |
| Integer | Returns the number of records returned per page. |
| Integer | Returns the start index of the retrieved records. |
| String | Timestamp of the API request to the NVD database. |
| Integer | Returns the total number of CVEs available in the database. |
| String | Returns the NVD database version. |
| Array of JSON Objects | Returns a list of vulnerabilities. |
| JSON Object | Returns the details of a vulnerability. |
| Array of JSON Objects | Returns the configuration of the vulnerability. |
| Array of JSON Objects | Returns the description of the vulnerability in multiple languages. |
| String | Returns the CVE ID of the vulnerability. |
| String | Returns the last modified date and time. |
| JSON Object | Returns the CVSS metrics of the vulnerability. |
| String | Returns the published date and time. |
| Array of JSON Objects | Returns a list of reference links about the vulnerability. |
| String | Returns the status of the vulnerability. |
| Array of JSON Objects | Returns a list of weakness details of the vulnerability. |
Action: Get CVE Details
This action retrieves the details of a CVE.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
---|---|---|---|---|
CVE ID | Enter the CVE ID. Example: CVE-2021-27078 | Text | Required | You can retrieve this using the action List CVEs. |
Extra Params | Enter any extra params to pass along with this request. Example: cpeName | Key Value | Optional | Allowed keys: |
Example Request
[ { "cve_id": "CVE-2021-27078" } ]
Action Response Parameters
Parameter | Type | Description |
---|---|---|
| JSON Object | This parameter indicates the ID of the app instance configured in Orchestrate from which the response is retrieved. |
| JSON Object | Includes the response received from the app action. |
| String | Returns the response format. |
| Integer | Returns the number of records returned per page. |
| Integer | Returns the start index of the retrieved records. |
| String | Timestamp of the API request to the NVD database. |
| Integer | Returns the total number of CVEs available in the database. |
| String | Returns the NVD database version. |
| Array of JSON Objects | Returns a list of vulnerabilities. |
| JSON Object | Returns the details of a vulnerability. |
| Array of JSON Objects | Returns the configuration of the vulnerability. |
| Array of JSON Objects | Returns the description of the vulnerability in multiple languages. |
| String | Returns the CVE ID of the vulnerability. |
| String | Returns the last modified date and time. |
| JSON Object | Returns the CVSS metrics of the vulnerability. |
| String | Returns the published date and time. |
| Array of JSON Objects | Returns a list of reference links about the vulnerability. |
| String | Returns the status of the vulnerability. |
| Array of JSON Objects | Returns a list of weakness details of the vulnerability. |