NIST National Vulnerability Database Integration - API (CPE only) - ??

Don Dom
Tera Contributor

‎07-24-2025 04:36 AM - edited ‎07-24-2025 04:45 AM

Hello.

 

We have enabled "NIST National Vulnerability Database Integration - API (CVE only) "

As per documentation and even a labs from SN course.

DonDom_0-1753357492898.png

 

It's loading data to: "sn_vul_entry"

 

What I see in the list is also:

NIST National Vulnerability Database Integration - API (CPE only) 

NIST National Vulnerability Database Integration - API (Unmapped CPE) 

 

What exactly is "NIST National Vulnerability Database Integration - API (CPE only) "?

To which table it will be loaded?

The same as "NIST National Vulnerability Database Integration - API (CVE only) " ? sn_vul_entry ?

 

Activation of this interface is with the same exact API Key requested as  for CVE?

 

Please advise

Thx

0 Helpfuls
  • 489 Views
1 REPLY 1

Periyasamy P
Tera Guru

‎07-31-2025 12:41 PM

NIST National Vulnerability Database Integration - API (CVE only), Loads the CVE information in table called "National Vulnerability Database Entries (sn_vul_nvd_entry)". And refer script include "NVDAPIProcessor" to understand how data is processed and added into target table.

 

NIST National Vulnerability Database Integration - API (CPE only),  Loads software affected by vulnerabilities in table called "Vulnerable Software (sn_vul_software)" and mapping between CVE and this sofwatre is stored in m2m table called "Vulnerability Software (sn_vul_m2m_entry_software)".  And refer script include "NVDAPICPEProcessor" to understand how data is processed and added into target table.