LogoLogo
  • Empirical Security
    • Overview
    • Authentication
    • Search Syntax
    • Errors
  • Products
  • Empirical.Models.Global
  • Empirical.Models.EPSS
  • Legacy - Exploit Intelligence Service
  • API References
    • CVEs
    • Search
    • Specification
Powered by GitBook
On this page

Was this helpful?

Export as PDF

Legacy - Exploit Intelligence Service

Our legacy product, the Exploit Intelligence Service (EIS), generates a json file including the following fields. Reach out if you are a user of EIS and we will help you transition your workflows to the new API.

Data Dictionary

Field Name
Data Type
Description
Notes

cve_id

string

The CVE identifier as assigned in the Mitre CVE List.

Format: CVE-YYYY-XXXX

mitre.published

string

The date when Mitre published the CVE on their CVEList

date

mitre.modified

string

The date when this CVE was last modified by Mitre

date

mitre.reserved

string

The date when Mitre reserved the CVE on their CVEList, not entirely trustworthy date before 2022.

date

nvd.published

string

The date when NVD published the CVE

nvd.modified

string

The date when NVD last modified this CVE

description

string

CVE Description

cwe

string, null

Common weakness enumeration - CWE

tags.keywords

array of strings

normalized tags extracted from text descriptions of this CVE

tags.outcome

array of strings

extracted and descriptive text that represent an outcome of exploitations

tags.actor_action

array of strings

extracted and descriptive text that represent the actions an attacker may take during exploitations

tags.actor

array of strings

extracted and descriptive text that represent the attacker and any qualifications

tags.weakness

array of strings

extracted and descriptive text that represent the weakness in the target

tags.prerequisite

array of strings

extracted and descriptive text that represent any prerequisite in the defenders environment that must exist prior to exploitation

tags.attack_vector

array of strings

extracted and descriptive text that represent the delivery of an exploitation (pdf file, crafted HTML, etc)

tags.stride

array of strings

STRIDE values derived from vulnerability attributes

references.description

string

description/classification of the url

references.url

string

URL reference

platform.part

string ["h","o","a"]

type of platform, (h)ardware, (o)perating system or (a)pplication

platform.vendor

string

vulnerable vendor for this CVE

platform.product

string

vulnerable product from associated vendor

epss.version

string

version of EPSS generating this score

epss.score

number

The EPSS score, probability of exploitation

epss.percentile

number

the ranked percentile of this score among all scored CVEs

cvss.v2.version

cvss.v2.vector_string

cvss.v2.exploitability_score

cvss.v2.impact_score

cvss.v2.base_score

cvss.v3.version

cvss.v3.vector_string

cvss.v3.exploitability_score

cvss.v3.impact_score

cvss.v3.base_score

exploits.github.repo

github repo: https://github.com/

exploits.github.prediction

number

likelihood the repository contains an exploit

ML Model

exploits.github.repo_created

string

date time the repo was first created

exploits.github.file_added

string

if a file exists specifically mentioning this CVE, this is the date and time file was created

exploits.github.status

string

typically only if the repo has been removed

exploits.metasploit.name

string

short name of the module

exploits.metasploit.fullname

string

exploits.metasploit.description

string

text description from the module

exploits.metasploit.disclosure_date

date the module was first published

exploits.metasploit.mod_time

string

last modification date/time for the module

exploits.exploitdb.url

string

url to exploit db page

exploits.exploitdb.date

exploits.exploitdb.author

exploits.exploitdb.platform

exploits.exploitdb.type

offsec.src

string

tool/software where CVE mapping was identified

offsec.added

string

when cve was added to tool/software

offsec.modified

string

when cve component was last modified

apts.name

string

Group name associated with this vulnerability

apts.akas.aka

string

Alias for the group name

apts.akas.aka_source

string

Source of the group name alias

PreviousEmpirical.Models.EPSSNextCVEs

Last updated 9 days ago

Was this helpful?