LogoLogo
  • Empirical Security
    • Overview
    • Authentication
    • Search Syntax
    • Errors
  • Products
  • Empirical.Models.Global
  • Empirical.Models.EPSS
  • Legacy - Exploit Intelligence Service
  • API References
    • CVEs
    • Search
    • Specification
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. API References

CVEs

PreviousLegacy - Exploit Intelligence ServiceNextSearch

Last updated 10 days ago

Was this helpful?

Retrieve a CVE by identifier

get

Provides the most up-to-date data about a CVE.

Authorizations
Path parameters
cve_idstringRequired

The identifier of the CVE to return, in the format CVE-YYYY-######

Example: CVE-2023-49103
Responses
200
successful
application/json
get
GET /api/cves/{cve_id} HTTP/1.1
Host: app.empiricalsecurity.com
Authorization: Bearer JWT
Accept: */*
200

successful

{
  "identifier": "CVE-2023-49103",
  "description": "An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo).",
  "cvss": [
    {
      "version": "3.1",
      "score": 10,
      "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "metrics": {
        "attack_vector": "Network",
        "attack_complexity": "Low",
        "privileges_required": "None",
        "user_interaction": "None",
        "scope": "Changed",
        "confidentiality": "High",
        "integrity": "High",
        "availability": "High"
      },
      "sources": [
        "cve@mitre.org",
        "mitre"
      ]
    },
    {
      "version": "3.1",
      "score": 7.5,
      "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "metrics": {
        "attack_vector": "Network",
        "attack_complexity": "Low",
        "privileges_required": "None",
        "user_interaction": "None",
        "scope": "Unchanged",
        "confidentiality": "High",
        "integrity": "None",
        "availability": "None"
      },
      "sources": [
        "nvd@nist.gov"
      ]
    }
  ],
  "references": [
    "https://owncloud.com/security-advisories/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments/",
    "https://owncloud.org/security"
  ],
  "has_exploitation_activity": true,
  "exploitation_activity": {
    "0_to_7_days": true,
    "8_to_30_days": true,
    "31_to_90_days": true,
    "91_to_365_days": true,
    "alltime": true
  },
  "tags": {
    "actor": [],
    "actor_action": [],
    "attack_vector": [],
    "component": [
      "mail server credentials",
      "license key",
      "ownCloud admin password"
    ],
    "keywords": [
      "information disclosure",
      "web",
      "configuration"
    ],
    "outcome": [
      "credential disclosure",
      "gather information"
    ],
    "prerequisite": [
      "URL is accessed"
    ],
    "stride": [
      "tampering",
      "information disclosure",
      "denial of service"
    ],
    "weakness": [
      "reveals the configuration details of the PHP environment",
      "exposes various other potentially sensitive configuration details"
    ]
  },
  "cwes": [
    {
      "identifier": "CWE-200",
      "name": "Exposure of Sensitive Information to an Unauthorized Actor",
      "description": "The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.",
      "category_name": "SFP Secondary Cluster: Exposed Data",
      "category_id": "CWE-963"
    }
  ],
  "reserved_at": "2023-11-21T00:00:00.000Z",
  "published_at": "2023-11-21T00:00:00.000Z",
  "last_updated_at": "2025-01-27T22:24:27.772Z",
  "cisa_kev_added_at": "2023-11-30T00:00:00.000Z",
  "shodan_vulnerability_count": null,
  "google_project_zero": {
    "present": false,
    "patched_at": null
  },
  "exploits": {
    "metasploit": [
      {
        "name": "ownCloud Phpinfo Reader",
        "fullname": "auxiliary/gather/owncloud_phpinfo_reader",
        "description": "Docker containers of ownCloud compiled after February 2023, which have version 0.2.0 before 0.2.1 or 0.3.0 before 0.3.1 of the app `graph` installed\n          contain a test file which prints `phpinfo()` to an unauthenticated user. A post file name must be appended to the URL to bypass the login filter.\n          Docker may export sensitive environment variables including ownCloud, DB, redis, SMTP, and S3 credentials, as well as other host information.",
        "disclosure_date": "2023-11-21",
        "mod_time": "2023-12-04T20:09:56.000Z"
      }
    ],
    "exploitdb": [],
    "github": [
      {
        "repo": "d0rb/CVE-2023-49103",
        "prediction": 0.8660581707954407,
        "predicted_at": "2025-03-10T16:40:29.000Z",
        "repo_created_at": "2025-03-10T20:11:29.004Z"
      }
    ]
  },
  "hackerone_reports_submitted": 4,
  "scores": {
    "global": {
      "score": 0.9713943314711305,
      "percentile": 0.9998484036161284,
      "computed_at": "2025-03-16T07:27:24.000Z"
    },
    "epss_v3": {
      "score": 0.92099,
      "percentile": 0.99238,
      "computed_at": "2025-03-16T15:46:16.000Z"
    },
    "epss_v4": {
      "score": 0.9091291982186883,
      "percentile": 0.996181146025878,
      "computed_at": "2025-03-16T18:47:04.000Z"
    }
  },
  "platforms": [
    {
      "product": "product",
      "vendor": "vendor"
    }
  ]
}

Retrieve historical scores by CVE identifier

get

Retrieve the entire score history for the CVE. Supported scoring_model values are global epss_v3 epss_v4 all. Note that EPSS customers cannot request global scores.

Authorizations
Path parameters
cve_idstringRequired

The identifier of the CVE to return, in the format CVE-YYYY-######

Example: CVE-2023-49103
Query parameters
scoring_modelstringRequired

The scoring model to retrieve historical scores for.

Example: epss_v3, epss_v4, global, all
Responses
200
successful
application/json
400
bad request
application/json
403
forbidden
application/json
get
GET /api/cves/{cve_id}/score_history HTTP/1.1
Host: app.empiricalsecurity.com
Authorization: Bearer JWT
Accept: */*
{
  "identifier": "CVE-2023-49103",
  "scores": {
    "epss_v4": [
      {
        "percentile": 0.996181146025878,
        "score": 0.9091291982186883,
        "computed_at": "2025-03-16T18:47:04.000Z"
      },
      {
        "percentile": 0.966181146025878,
        "score": 0.8991291982186883,
        "computed_at": "2025-03-16T18:46:04.000Z"
      }
    ]
  }
}

Retrieve changes to a CVE by identifier

get

Provides the entire change history of a CVE.

Authorizations
Path parameters
cve_idstringRequired

The identifier of the CVE to return, in the format CVE-YYYY-######

Example: CVE-2023-49103
Responses
200
successful
application/json
get
GET /api/cves/{cve_id}/history HTTP/1.1
Host: app.empiricalsecurity.com
Authorization: Bearer JWT
Accept: */*
200

successful

[
  {
    "data": {
      "identifier": "CVE-2023-49103",
      "description": "An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo).",
      "cvss": [
        {
          "version": "3.1",
          "score": 10,
          "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "metrics": {
            "attack_vector": "Network",
            "attack_complexity": "Low",
            "privileges_required": "None",
            "user_interaction": "None",
            "scope": "Changed",
            "confidentiality": "High",
            "integrity": "High",
            "availability": "High"
          },
          "sources": [
            "cve@mitre.org",
            "mitre"
          ]
        },
        {
          "version": "3.1",
          "score": 7.5,
          "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "metrics": {
            "attack_vector": "Network",
            "attack_complexity": "Low",
            "privileges_required": "None",
            "user_interaction": "None",
            "scope": "Unchanged",
            "confidentiality": "High",
            "integrity": "None",
            "availability": "None"
          },
          "sources": [
            "nvd@nist.gov"
          ]
        }
      ],
      "references": [
        "https://owncloud.com/security-advisories/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments/",
        "https://owncloud.org/security"
      ],
      "has_exploitation_activity": true,
      "exploitation_activity": {
        "0_to_7_days": true,
        "8_to_30_days": true,
        "31_to_90_days": true,
        "91_to_365_days": true,
        "alltime": true
      },
      "tags": {
        "actor": [],
        "actor_action": [],
        "attack_vector": [],
        "component": [
          "mail server credentials",
          "license key",
          "ownCloud admin password"
        ],
        "keywords": [
          "information disclosure",
          "web",
          "configuration"
        ],
        "outcome": [
          "credential disclosure",
          "gather information"
        ],
        "prerequisite": [
          "URL is accessed"
        ],
        "stride": [
          "tampering",
          "information disclosure",
          "denial of service"
        ],
        "weakness": [
          "reveals the configuration details of the PHP environment",
          "exposes various other potentially sensitive configuration details"
        ]
      },
      "cwes": [
        {
          "identifier": "CWE-200",
          "name": "Exposure of Sensitive Information to an Unauthorized Actor",
          "description": "The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.",
          "category_name": "SFP Secondary Cluster: Exposed Data",
          "category_id": "CWE-963"
        }
      ],
      "reserved_at": "2023-11-21T00:00:00.000Z",
      "published_at": "2023-11-21T00:00:00.000Z",
      "last_updated_at": "2025-01-27T22:24:27.772Z",
      "cisa_kev_added_at": "2023-11-30T00:00:00.000Z",
      "shodan_vulnerability_count": null,
      "google_project_zero": {
        "present": false,
        "patched_at": null
      },
      "exploits": {
        "metasploit": [
          {
            "name": "ownCloud Phpinfo Reader",
            "fullname": "auxiliary/gather/owncloud_phpinfo_reader",
            "description": "Docker containers of ownCloud compiled after February 2023, which have version 0.2.0 before 0.2.1 or 0.3.0 before 0.3.1 of the app `graph` installed\n          contain a test file which prints `phpinfo()` to an unauthenticated user. A post file name must be appended to the URL to bypass the login filter.\n          Docker may export sensitive environment variables including ownCloud, DB, redis, SMTP, and S3 credentials, as well as other host information.",
            "disclosure_date": "2023-11-21",
            "mod_time": "2023-12-04T20:09:56.000Z"
          }
        ],
        "exploitdb": [],
        "github": [
          {
            "repo": "d0rb/CVE-2023-49103",
            "prediction": 0.8660581707954407,
            "predicted_at": "2025-03-10T16:40:29.000Z",
            "repo_created_at": "2025-03-10T20:11:29.004Z"
          }
        ]
      },
      "hackerone_reports_submitted": 4,
      "scores": {
        "global": {
          "score": 0.9713943314711305,
          "percentile": 0.9998484036161284,
          "computed_at": "2025-03-16T07:27:24.000Z"
        },
        "epss_v3": {
          "score": 0.92099,
          "percentile": 0.99238,
          "computed_at": "2025-03-16T15:46:16.000Z"
        },
        "epss_v4": {
          "score": 0.9091291982186883,
          "percentile": 0.996181146025878,
          "computed_at": "2025-03-16T18:47:04.000Z"
        }
      },
      "platforms": [
        {
          "product": "product",
          "vendor": "vendor"
        }
      ]
    },
    "diff": {
      "cvss": {
        "old": [
          {
            "version": "3.1",
            "score": 10,
            "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "metrics": {
              "attack_vector": "Network",
              "attack_complexity": "Low",
              "privileges_required": "None",
              "user_interaction": "None",
              "scope": "Changed",
              "confidentiality": "High",
              "integrity": "High",
              "availability": "High"
            },
            "sources": [
              "cve@mitre.org",
              "mitre"
            ]
          }
        ],
        "new": [
          {
            "version": "3.1",
            "score": 10,
            "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "metrics": {
              "attack_vector": "Network",
              "attack_complexity": "Low",
              "privileges_required": "None",
              "user_interaction": "None",
              "scope": "Changed",
              "confidentiality": "High",
              "integrity": "High",
              "availability": "High"
            },
            "sources": [
              "cve@mitre.org",
              "mitre"
            ]
          },
          {
            "version": "3.1",
            "score": 7.5,
            "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "metrics": {
              "attack_vector": "Network",
              "attack_complexity": "Low",
              "privileges_required": "None",
              "user_interaction": "None",
              "scope": "Unchanged",
              "confidentiality": "High",
              "integrity": "None",
              "availability": "None"
            },
            "sources": [
              "nvd@nist.gov"
            ]
          }
        ]
      },
      "scores": {
        "old": {
          "global": {
            "score": 0.9137943314711305,
            "percentile": 0.9798484036161283,
            "computed_at": "2025-03-16T07:27:24.000Z"
          },
          "epss_v3": {
            "score": 0.90299,
            "percentile": 0.92938,
            "computed_at": "2025-03-16T15:46:16.000Z"
          },
          "epss_v4": {
            "score": 0.8991291982186883,
            "percentile": 0.966181146025878,
            "computed_at": "2025-03-16T18:46:04.000Z"
          }
        },
        "new": {
          "global": {
            "score": 0.9713943314711305,
            "percentile": 0.9998484036161284,
            "computed_at": "2025-03-16T07:27:24.000Z"
          },
          "epss_v3": {
            "score": 0.92099,
            "percentile": 0.99238,
            "computed_at": "2025-03-16T15:46:16.000Z"
          },
          "epss_v4": {
            "score": 0.9091291982186883,
            "percentile": 0.996181146025878,
            "computed_at": "2025-03-16T18:47:04.000Z"
          }
        }
      }
    },
    "generated_at": "2025-04-02T21:20:15.366Z"
  }
]

Retrieve all CVE data as a .jsonl.gz file

get

Provides a redirect which should be followed to obtain the latest CVE data file. The data is returned as a gzipped jsonl (JSON Lines) formatted file containing data for all CVEs we have in our system.

Authorizations
Responses
302
redirect
get
GET /api/cves/all HTTP/1.1
Host: app.empiricalsecurity.com
Authorization: Bearer JWT
Accept: */*
302

redirect

No content

  • GETRetrieve a CVE by identifier
  • GETRetrieve historical scores by CVE identifier
  • GETRetrieve changes to a CVE by identifier
  • GETRetrieve all CVE data as a .jsonl.gz file