CVE Details

CVE details are displayed in the following tabs.

CVE Description tab

The Description tab shows the following information:

Section	Description
General information	A description of the CVE. To see the CVE in NVD, click Open in NVD.
Additional information	NVD information, including: - NVD dates - Source and type of vulnerability - Qualys QID or Tenable Plugin vulnerability type IDs Shows cyberterms related to the CVE. To see more details, hover over the cyberterm.
Mentions over time	Shows the mentions from all web sources over the past six months. You can change the date range. Peaks normally indicate spikes in exploits.
Severity score breakdown	Shows the attributes of the overall severity score. Each input is ranked from 1 (least risk) to 100 (highest risk).

CVE Intelligence Information tab

The Intelligence Information tab shows the following information:

Section	Description
Source of mention	Rapid7 enrichment that shows where the CVE was mentioned. If there are exploits, the Exploits source is highlighted. You can download the exploit by clicking Download Exploit. Exploits can have a status of Verified or Not verified (exploits from exploit-db). A red exclamation point icon indicates that the status is unknown. If a code exploit (from the Code Repositories source) is in proof of concept (POC) status, the mention will be tagged as POC. This piece of code is not known as an offical exploit, but is likely to turn into a published exploit in the near future.
Mention text	Shows the mention, a link to the source, and the author. The mention is displayed in English, regardless of the source language (translated, if necessary). To revert to the original language, click Show original. If the full mention cannot be displayed, click …Read more. The full mention is displayed with the relevant text highlighted. If there are duplicate mentions, they are aggreggated into one. You can see the duplicates by clicking View Similar Mentions. For exploits, severity is also displayed, as well as a link to download the exploit code.

Section

Description

Source of mention

Rapid7 enrichment that shows where the CVE was mentioned.
If there are exploits, the Exploits source is highlighted.

You can download the exploit by clicking Download Exploit.

Exploits can have a status of Verified or Not verified (exploits from exploit-db). A red exclamation point icon indicates that the status is unknown.

If a code exploit (from the Code Repositories source) is in proof of concept (POC) status, the mention will be tagged as POC. This piece of code is not known as an offical exploit, but is likely to turn into a published exploit in the near future.

Mention text

Shows the mention, a link to the source, and the author.

The mention is displayed in English, regardless of the source language (translated, if necessary). To revert to the original language, click Show original.

If the full mention cannot be displayed, click …Read more. The full mention is displayed with the relevant text highlighted.

If there are duplicate mentions, they are aggreggated into one. You can see the duplicates by clicking View Similar Mentions.

For exploits, severity is also displayed, as well as a link to download the exploit code.

Use the Find mentions field to search within the text that is displayed in all mentions. You can filter the mentions by date range.

To see other mentions that are not displayed, click Load more.

CVE CPEs tab

The CPEs tab lists all technologies that are affected by a CVE.

CVE Affected Hosts tab

The Affected Hosts tab shows more detailed information about the company assets that are affected by each CVE. To enable the display of this information, enable the data collection in the integration options for your CVE manager of choice, Qualys or Tenable.io.

Filter the Affected Hosts tab

You can filter the Affected Hosts tab based on the system-generated tags.

To show only the hosts that contain a specific tag (or hostname or IP address), enter the desired term into the search field.
To search the tags of a specific host, select the tags icon for that host. In the search dialog that is displayed, enter the desired tag into the search field.