CVE Details

CVE details are displayed in the following tabs:

CVE Description tab

The following figure shows the CVE Descriptio n tab :

temporary placeholder

The Description tab  shows the following information:

A - General informationCVE description.

To see the CVE in NVD, click Open in NVD.
B - Additional informationNVD information, including:- NVD dates- Source and type of vulnerability- Qualys QID or Tenable Plugin vulnerability type IDsShows cyberterms related to the CVE. To see more details, hover over the cyberterm.
C - Mentions over timeShows the mentions from all web sources over the past six months. You can change the date range. Peaks normally indicate spikes in exploits.
D - Rapid7 score breakdownShows the inputs to the overall Rapid7 score. Each input is ranked from 1 (least risk) to 100 (highest risk).

CVE Intelligence Information tab

The following figure shows the CVE Intelligence Information tab : temporary placeholder The Intelligence Information tab  shows the following information:

A - Source of mentionRapid7 enrichment that shows where the CVE was mentioned. Click a button to see the mentions for that source. 
If there are exploits, the Exploits  source is highlighted.

You can download the exploit by clicking Download Exploit.

temporary placeholder

Exploits can be of the following statues: Verified or Not verified (exploits from exploit-db), or temporary placeholder when the status is unknown.

If a code exploit (from the Code Repositories source) is in proof of concept (POC) status, the mention will be tagged as POC. This piece of code is not known as an offical exploit, but is likely to turn into a published exploit in the near future.
B - Mention textShows the mention, a link to the source, and the author.

The mention is displayed in English, regardless of the source language (translated, if necessary). To revert to the original language, click Show original.

If the full mention cannot be displayed, click ...Read more. The full mention is displayed with the relevant text highlighted.

If there are duplicate mentions, they are aggreggated into one. You can see the duplicates by clicking View Similar Mentions.

temporary placeholder

For exploits, severity is also displayed, as well as a link to download the exploit code.

Use the Find mentions  field to search within the text that is displayed in all mentions.

You can filter the mentions by date range.

To see other mentions that are not displayed, click Load more.

CVE CPEs tab

The following figure shows the CVE CPEs tab :
temporary placeholder

The CPEs tab enumerates all technologies that are affected by a CVE.

In the previous figure, 11 of the CPEs are relevant to the user's technologies and one is a general CPE, not relevant to the user.

CVE Affected Assets tab

The following figure shows the CVE Affected Assets tab:

temporary placeholder

The Affected Assets tab shows more detailed information about the company assets that are affected by each CVE. To enable the display of this information, enable the data collection in the integration options for your CVE manager (Qualys or