NIST National Vulnerability Database Integration - API (CPE only) - ??

Don Dom · ‎07-24-2025

Hello.

We have enabled "NIST National Vulnerability Database Integration - API (CVE only) "

As per documentation and even a labs from SN course.

It's loading data to: "sn_vul_entry"

What I see in the list is also:

NIST National Vulnerability Database Integration - API (CPE only)

NIST National Vulnerability Database Integration - API (Unmapped CPE)

What exactly is "NIST National Vulnerability Database Integration - API (CPE only) "?

To which table it will be loaded?

The same as "NIST National Vulnerability Database Integration - API (CVE only) " ? sn_vul_entry ?

Activation of this interface is with the same exact API Key requested as for CVE?

Please advise

Thx

Periyasamy P · ‎07-31-2025

NIST National Vulnerability Database Integration - API (CVE only), Loads the CVE information in table called "National Vulnerability Database Entries (sn_vul_nvd_entry)". And refer script include "NVDAPIProcessor" to understand how data is processed and added into target table.

NIST National Vulnerability Database Integration - API (CPE only), Loads software affected by vulnerabilities in table called "Vulnerable Software (sn_vul_software)" and mapping between CVE and this sofwatre is stored in m2m table called "Vulnerability Software (sn_vul_m2m_entry_software)". And refer script include "NVDAPICPEProcessor" to understand how data is processed and added into target table.