Legacy - Exploit Intelligence Service
Our legacy product, the Exploit Intelligence Service (EIS), generates a json file including the following fields. Reach out if you are a user of EIS and we will help you transition your workflows to the new API.
Data Dictionary
cve_id
string
The CVE identifier as assigned in the Mitre CVE List.
Format: CVE-YYYY-XXXX
mitre.published
string
The date when Mitre published the CVE on their CVEList
date
mitre.modified
string
The date when this CVE was last modified by Mitre
date
mitre.reserved
string
The date when Mitre reserved the CVE on their CVEList, not entirely trustworthy date before 2022.
date
nvd.published
string
The date when NVD published the CVE
nvd.modified
string
The date when NVD last modified this CVE
description
string
CVE Description
cwe
string, null
Common weakness enumeration - CWE
tags.keywords
array of strings
normalized tags extracted from text descriptions of this CVE
tags.outcome
array of strings
extracted and descriptive text that represent an outcome of exploitations
tags.actor_action
array of strings
extracted and descriptive text that represent the actions an attacker may take during exploitations
tags.actor
array of strings
extracted and descriptive text that represent the attacker and any qualifications
tags.weakness
array of strings
extracted and descriptive text that represent the weakness in the target
tags.prerequisite
array of strings
extracted and descriptive text that represent any prerequisite in the defenders environment that must exist prior to exploitation
tags.attack_vector
array of strings
extracted and descriptive text that represent the delivery of an exploitation (pdf file, crafted HTML, etc)
tags.stride
array of strings
STRIDE values derived from vulnerability attributes
references.description
string
description/classification of the url
references.url
string
URL reference
platform.part
string ["h","o","a"]
type of platform, (h)ardware, (o)perating system or (a)pplication
platform.vendor
string
vulnerable vendor for this CVE
platform.product
string
vulnerable product from associated vendor
epss.version
string
version of EPSS generating this score
epss.score
number
The EPSS score, probability of exploitation
epss.percentile
number
the ranked percentile of this score among all scored CVEs
cvss.v2.version
cvss.v2.vector_string
cvss.v2.exploitability_score
cvss.v2.impact_score
cvss.v2.base_score
cvss.v3.version
cvss.v3.vector_string
cvss.v3.exploitability_score
cvss.v3.impact_score
cvss.v3.base_score
exploits.github.repo
github repo: https://github.com/
exploits.github.prediction
number
likelihood the repository contains an exploit
ML Model
exploits.github.repo_created
string
date time the repo was first created
exploits.github.file_added
string
if a file exists specifically mentioning this CVE, this is the date and time file was created
exploits.github.status
string
typically only if the repo has been removed
exploits.metasploit.name
string
short name of the module
exploits.metasploit.fullname
string
exploits.metasploit.description
string
text description from the module
exploits.metasploit.disclosure_date
date the module was first published
exploits.metasploit.mod_time
string
last modification date/time for the module
exploits.exploitdb.url
string
url to exploit db page
exploits.exploitdb.date
exploits.exploitdb.author
exploits.exploitdb.platform
exploits.exploitdb.type
offsec.src
string
tool/software where CVE mapping was identified
offsec.added
string
when cve was added to tool/software
offsec.modified
string
when cve component was last modified
apts.name
string
Group name associated with this vulnerability
apts.akas.aka
string
Alias for the group name
apts.akas.aka_source
string
Source of the group name alias
Last updated
Was this helpful?