CVE Details

CVE details are displayed in the following tabs.

CVE Description tab

The Description tab shows the following information:

SectionDescription
General informationA description of the CVE.

To see the CVE in NVD, click Open in NVD.
Additional informationNVD information, including:
- NVD dates
- Source and type of vulnerability
- Qualys QID or Tenable Plugin vulnerability type IDs

Shows cyberterms related to the CVE. To see more details, hover over the cyberterm.
Mentions over timeShows the mentions from all web sources over the past six months. You can change the date range. Peaks normally indicate spikes in exploits.
Severity score breakdownShows the attributes of the overall severity score. Each input is ranked from 1 (least risk) to 100 (highest risk).

CVE Intelligence Information tab

The Intelligence Information tab shows the following information:

SectionDescription
Source of mentionRapid7 enrichment that shows where the CVE was mentioned. 
If there are exploits, the Exploits  source is highlighted.

You can download the exploit by clicking Download Exploit.

Exploits can have a status of Verified or Not verified (exploits from exploit-db). A red exclamation point icon indicates that the status is unknown.

If a code exploit (from the Code Repositories source) is in proof of concept (POC) status, the mention will be tagged as POC. This piece of code is not known as an offical exploit, but is likely to turn into a published exploit in the near future.
Mention textShows the mention, a link to the source, and the author.

The mention is displayed in English, regardless of the source language (translated, if necessary). To revert to the original language, click Show original.

If the full mention cannot be displayed, click …Read more. The full mention is displayed with the relevant text highlighted.

If there are duplicate mentions, they are aggreggated into one. You can see the duplicates by clicking View Similar Mentions.

For exploits, severity is also displayed, as well as a link to download the exploit code.

Use the Find mentions field to search within the text that is displayed in all mentions. You can filter the mentions by date range.

To see other mentions that are not displayed, click Load more.

CVE CPEs tab

The CPEs tab lists all technologies that are affected by a CVE.

CVE Affected Hosts tab

The Affected Hosts tab shows more detailed information about the company assets that are affected by each CVE. To enable the display of this information, enable the data collection in the integration options for your CVE manager of choice, Qualys or Tenable.io.

Filter the Affected Hosts tab

You can filter the Affected Hosts tab based on the system-generated tags.

  • To show only the hosts that contain a specific tag (or hostname or IP address), enter the desired term into the search field.
  • To search the tags of a specific host, select the tags icon for that host. In the search dialog that is displayed, enter the desired tag into the search field.