A CVE (Common Vulnerabilities and Exposures) is a unique identifier assigned to a specific cybersecurity vulnerability. It is part of the CVE system managed by MITRE in collaboration with the global security community.
Key Features of a CVE:
Unique Identifier: Each CVE has a standardized format, such as CVE-2024-12345, which includes:
CVE: The prefix indicating it’s part of the CVE system.
Year: The year the vulnerability was registered.
Number: A unique identifier for the specific vulnerability.
Description: A brief summary of the vulnerability, including the affected system or software and the nature of the issue.
Purpose: CVEs allow organizations to quickly identify, track, and respond to vulnerabilities in their systems by providing a standardized reference across tools, databases, and advisories.
Public Database: CVEs are cataloged in the National Vulnerability Database (NVD) and other databases, often accompanied by severity ratings (e.g., CVSS scores) and mitigation recommendations.
We synchronise our graph with the official MITRE CVE list. This is hosted on github and is updated at very short intervals. cybernality is updated every hour with the latest information from the list.
Property | Data type | Comment |
reference | list of strings | The strings are JSON strings representing objects from the following format: Look here in the official cve-schema under section reference. |
assignerOrgId | string | Organization responsible for assigning the CVE ID. This organization is typically a CVE Numbering Authority (CNA), which is authorized by MITRE to assign CVE identifiers to vulnerabilities within its defined scope. |
cveId | string | The id of the cve |
adps | list of strings | The strings are JSON strings representing objects from the following format: Look here in the official cve-schema under section adpContainer. |
title | string | The CVE title |
descriptions | list of strings | The strings are JSON strings representing objects from the following format: Look here in the official cve-schema under section description. |
dateUpdated | datetime in ISO 8601 format | e.g. 2024-11-05T15:32:57.735000000Z |
datePublished | datetime in ISO 8601 format | e.g. 2024-11-05T15:32:57.735000000Z |
metrics | list of strings | The strings are JSON strings representing objects from the following format: Look here in the official cve-schema under section metrics. |
state | string | e.g. “PUBLISHED” |
dateReserved | datetime in ISO 8601 format | e.g. 2024-11-05T15:32:57.735000000Z |
assignerShortName | string | e.g. “hpe” |
AffectedProduct
ResultItem
Impact
ProblemType