VulnDB

Use the VulnDB integration to get information about vulnerabilities for various products, including operating systems, applications, and so on.

Configure VulnDB on Demisto

  1. Navigate to Settings > Integrations > Servers & Services .
  2. Search for VulnDB.
  3. Click Add instance to create and configure a new integration instance.
    • Name : a textual name for the integration instance.
    • Hostname, IP address, or server URL
    • client_id
    • client_secret
    • Trust any certificate (not secure)
    • Use system proxy settings
  4. Click Test to validate the URLs, token, and connection.

Commands

You can execute these commands from the Demisto CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

  1. Get information for a vulnerability (ID): vulndb-get-vuln-by-id
  2. Get information for a vendor: vulndb-get-vendor
  3. Get a list of product versions: vulndb-get-product
  4. Get the version of a single product: vulndb-get-version
  5. Get a list of recent vulnerabilities: vulndb-get-updates-by-dates-or-hours
  6. Get information for a vulnerability (vendor name and product name): vulndb-get-vuln-by-vendor-and-product-name
  7. Get information for a vulnerability (vendor ID and product ID): vulndb-get-vuln-by-vendor-and-product-id
  8. Get information for a vulnerability (vendor ID): vulndb-get-vuln-by-vendor-id
  9. Get information for a vulnerability (product ID): vulndb-get-vuln-by-product-id
  10. Get information for a vulnerability (CVE ID): vulndb-get-vuln-by-cve-id

1. Get information for a vulnerability (ID)


Returns full details about a specific vulnerability.

Base Command

vulndb-get-vuln-by-id

Input
Argument Name Description Required
vuln_id ID of the vulnerability for which to return information. Required

Context Output
Path Type Description
VulnDB.Vulnerability.ID string Vulnerability ID.
VulnDB.Vulnerability.Title string Vulnerability title (human readable).
VulnDB.Vulnerability.Keywords string Vulnerability keywords.
VulnDB.Vulnerability.Description string Vulnerability description (human readable).
VulnDB.Vulnerability.Solution string Vulnerability solution (human readable).
VulnDB.Vulnerability.PublishedDate date Vulnerability published date.
VulnDB.Vulnerability.TDescription string Vulnerability description (human readable).
VulnDB.Vulnerability.SolutionDate date Vulnerability solution date.
VulnDB.Vulnerability.DiscoveryDate date Vulnerability discovery date.
VulnDB.Vulnerability.ExploitPublishDate date Exploit publish date.
VulnDB.CVE-ExtReferences.Value string CVE (constant string).
VulnDB.CvssMetrics.Id number CVSS reference value.
VulnDB.CvssMetrics.AccessVector string CVSS access vector.
VulnDB.CvssMetrics.AccessComplexity string CVSS access complexity.
VulnDB.CvssMetrics.Authentication string CVSS metric authentication.
VulnDB.CvssMetrics.ConfidentialityImpact string CVSS confidentiality impact.
VulnDB.cvssMetrics.IntegrityImpact string CVSS integrity impact.
VulnDB.CvssMetrics.AvailabilityImpact string CVSS availability impact.
VulnDB.CvssMetrics.GeneratedOn date CVSS metric date.
VulnDB.CvssMetrics.Score number CVSS score.
VulnDB.Vendor.Id number Vendor ID.
VulnDB.Vendor.Name string Vendor name.
VulnDB.Products.Id number Product IDs.
VulnDB.Products.Name string Product names.
VulnDB.Products.Versions.Id number Product version IDs.
VulnDB.Products.Versions.Name string Product version names.
VulnDB.Classification.Longname string Classification name (long).
VulnDB.Classification.Description string Classification description (human-readable).

Command Example
!vulndb-get-vuln-by-id vuln_id="1"
Human Readable Output

2. Get information for a vendor


Returns all, or specific, vendor details to include vendor name and ID.

Base Command

vulndb-get-vendor

Input
Argument Name Description Required
vendor_id Vendor ID. Optional
vendor_name Vendor name (only human-readable). Optional
max_size Maximum number of entries to return. A high number of entries might affect performance. Optional

Context Output
Path Type Description
VulnDB.Results.Id number Result ID.
VulnDB.Results.Name string Result name.
VulnDB.Results.ShortName string Result short name.
VulnDB.Results.VendorUrl string Result vendor URL (human-readable).

Command Example
!vulndb-get-vendor max_size="20"
Human Readable Output

3. Get a list of product versions


Returns a list of versions by product name or ID.

Base Command

vulndb-get-product

Input
Argument Name Description Required
vendor_id Vendor ID. Optional
vendor_name Vendor name. Optional
max_size Maximum number of entries to return. A high number of entries might effect performance. Optional

Context Output
Path Type Description
VulnDB.Results.Id number Result ID.
VulnDB.Results.Name string Result name.

Command Example
!vulndb-get-product vendor_id="2974649" max_size="20"
Human Readable Output

4. Get the version of a single product


Returns the version of the specified product.

Base Command

vulndb-get-version

Input
Argument Name Description Required
product_name Product name. Optional
product_id Product ID. Optional
max_size Maximum number of entries to return. A high number of entries might effect performance. Optional

Context Output
Path Type Description
VulnDB.Results.Id number Version ID.
VulnDB.Results.Name Unknown Version name.

Command Example
!vulndb-get-version product_name="1-Search" max_size="20"
Human Readable Output

5. Get a list of recent vulnerabilities


Returns recent vulnerabilities, by date or number of hours.

Base Command

vulndb-get-updates-by-dates-or-hours

Input
Argument Name Description Required
start_date Start date for which to return vulnerabilities. Optional
end_date End date for which to return vulnerabilities. Optional
hours_ago Number of previous hours for which to return vulnerabilities. Optional
max_size Maximum number of entries to return. A high number of entries might effect performance. Optional

Context Output
Path Type Description
VulnDB.Vulnerability.ID string Vulnerability ID.
VulnDB.Vulnerability.Title string Vulnerability title (human-readable).
VulnDB.Vulnerability.Keywords string Vulnerability keywords.
VulnDB.Vulnerability.Description string Vulnerability description (human-readable).
VulnDB.Vulnerability.Solution string Vulnerability solution (human readable).
VulnDB.Vulnerability.PublishedDate date Vulnerability published date.
VulnDB.Vulnerability.TDescription string Vulnerability description (human-readable).
VulnDB.Vulnerability.SolutionDate date Vulnerability solution date.
VulnDB.Vulnerability.DiscoveryDate date Vulnerability discovery date.
VulnDB.Vulnerability.ExploitPublishDate date Exploit publish date.
VulnDB.CVE-ExtReferences.Value string CVE (constant string).
VulnDB.CvssMetrics.Id number CVSS reference value.
VulnDB.CvssMetrics.AccessVector string CVSS access vector.
VulnDB.CvssMetrics.AccessComplexity string Cvss access complexity
VulnDB.CvssMetrics.Authentication string CVSS metric authentication.
VulnDB.CvssMetrics.ConfidentialityImpact string CVSS confidentiality impact.
VulnDB.cvssMetrics.integrity_impact string CVSS integrity impact.
VulnDB.CvssMetrics.AvailabilityImpact string CVSS availability impact.
VulnDB.CvssMetrics.Generated_on date CVSS metric date.
VulnDB.CvssMetrics.Score number CVSS score.
VulnDB.Vendors.Id number Vendor ID.
VulnDB.Vendor.Name string Vendor name.
VulnDB.Products.Id number Product IDs.
VulnDB.Products.Name string Product names.
VulnDB.Products.Versions.Id number Product version IDs.
VulnDB.Products.Versions.Name string Product version names.
VulnDB.Classification.Longname string Classification name (long).
VulnDB.Classification.Description string Classification description (human-readable).

Command Example
!vulndb-get-updates-by-dates-or-hours start_date="2015-10-27T04:27:22" end_date="2017-10-27T04:27:22" max_size="20"

6. Get information for a vulnerability (vendor name and product name)


Returns full details about a specific vulnerability, by vendor name and product name.

Base Command

vulndb-get-vuln-by-vendor-and-product-name

Input
Argument Name Description Required
vendor_name Vendor name. Required
product_name Product name. Required
max_size Maximum number of entries to return. A high number of entries might affect performance. Optional

Context Output
Path Type Description
VulnDB.Vulnerability.ID string Vulnerability ID.
VulnDB.Vulnerability.Title string Vulnerability title (human-readable).
VulnDB.Vulnerability.Keywords string Vulnerability keywords.
VulnDB.Vulnerability.Description string Vulnerability description (human-readable).
VulnDB.Vulnerability.Solution string Vulnerability solution (human-readable).
VulnDB.Vulnerability.PublishedDate date Vulnerability published date.
VulnDB.Vulnerability.TDescription string Vulnerability description (human-readable).
VulnDB.Vulnerability.SolutionDate date Vulnerability solution date.
VulnDB.Vulnerability.DiscoveryDate date Vulnerability discovery date.
VulnDB.Vulnerability.ExploitPublishDate date Exploit publish date.
VulnDB.CVE-ExtReferences.Value string CVE (constant string).
VulnDB.CvssMetrics.Id number CVSS reference value.
VulnDB.CvssMetrics.AccessVector string CVSS access vector.
VulnDB.CvssMetrics.AccessComplexity string CVSS access complexity.
VulnDB.CvssMetrics.Authentication string CVSS metric authentication.
VulnDB.CvssMetrics.ConfidentialityImpact string CVSS confidentiality impact.
VulnDB.cvssMetrics.integrity_impact string CVSS integrity impact.
VulnDB.CvssMetrics.AvailabilityImpact string CVSS availability impact.
VulnDB.CvssMetrics.Generated_on date CVSS metric date.
VulnDB.CvssMetrics.Score number CVSS score.
VulnDB.Vendors.Id number Vendor ID.
VulnDB.Vendor.Name string Vendor name.
VulnDB.Products.Id number Product IDs.
VulnDB.Products.Name string Product names.
VulnDB.Products.Versions.Id number Product version IDs.
VulnDB.Products.Versions.Name string Product version names.
VulnDB.Classification.Longname string Classification (name).
VulnDB.Classification.Description string Classification description (human-readable).

Command Example
!vulndb-get-vuln-by-vendor-and-product-name vendor_name="Adobe Systems Incorporated" product_name="ColdFusion" max_size="20"

7. Get information for a vulnerability (vendor ID and product ID)


Returns full details about a specific vulnerability, by vendor ID and product ID.

Base Command

vulndb-get-vuln-by-vendor-and-product-id

Input
Argument Name Description Required
vendor_id Vendor ID. Required
product_id Product ID. Required
max_size Maximum number of entries to return. A high number of entries might affect performance. Optional

Context Output
Path Type Description
VulnDB.Vulnerability.ID string Vulnerability ID.
VulnDB.Vulnerability.Title string Vulnerability title (human-readable).
VulnDB.Vulnerability.Keywords string Vulnerability keywords.
VulnDB.Vulnerability.Description string Vulnerability description (human-readable).
VulnDB.Vulnerability.Solution string Vulnerability solution (human-readable).
VulnDB.Vulnerability.PublishedDate date Vulnerability published date.
VulnDB.Vulnerability.TDescription string Vulnerability description (human-readable).
VulnDB.Vulnerability.SolutionDate date Vulnerability solution date.
VulnDB.Vulnerability.DiscoveryDate date Vulnerability discovery date.
VulnDB.Vulnerability.ExploitPublishDate date Exploit publish date.
VulnDB.CVE-ExtReferences.Value string CVE (constant string).
VulnDB.CvssMetrics.Id number CVSS reference value.
VulnDB.CvssMetrics.AccessVector string CVSS access vector.
VulnDB.CvssMetrics.AccessComplexity string CVSS access complexity.
VulnDB.CvssMetrics.Authentication string CVSS metric authentication.
VulnDB.CvssMetrics.ConfidentialityImpact string CVSS confidentiality impact.
VulnDB.cvssMetrics.integrity_impact string CVSS integrity impact.
VulnDB.CvssMetrics.AvailabilityImpact string CVSS availability impact.
VulnDB.CvssMetrics.Generated_on date CVSS metric date.
VulnDB.CvssMetrics.Score number CVSS score.
VulnDB.Vendors.Id number Vendor ID.
VulnDB.Vendor.Name string Vendor name.
VulnDB.Products.Id number Product IDs.
VulnDB.Products.Name string Product names.
VulnDB.Products.Versions.Id number Product version IDs.
VulnDB.Products.Versions.Name string Product version names.
VulnDB.Classification.Longname string Classification name (long).
VulnDB.Classification.Description string Classification description (human-readable).

Command Example
!vulndb-get-vuln-by-vendor-and-product-id vendor_id="5011" product_id="1777" max_size="20"
Human Readable Output

8. Get information for a vulnerability (vendor ID)


Returns full details about vulnerabilities, by vendor ID.

Base Command

vulndb-get-vuln-by-vendor-id

Input
Argument Name Description Required
vendor_id Vendor ID. Required
max_size Maximum number of entries to return. A high number of entries might effect performance. Optional

Context Output
Path Type Description
VulnDB.Vulnerability.ID string Vulnerability ID.
VulnDB.Vulnerability.Title string Vulnerability title (human-readable).
VulnDB.Vulnerability.Keywords string Vulnerability keywords.
VulnDB.Vulnerability.Description string Vulnerability description (human-readable).
VulnDB.Vulnerability.Solution string Vulnerability solution (human-readable).
VulnDB.Vulnerability.PublishedDate date Vulnerability published date.
VulnDB.Vulnerability.TDescription string Vulnerability description (human-readable).
VulnDB.Vulnerability.SolutionDate date Vulnerability solution date.
VulnDB.Vulnerability.DiscoveryDate date Vulnerability discovery date.
VulnDB.Vulnerability.ExploitPublishDate date Exploit publish date.
VulnDB.CVE-ExtReferences.Value string CVE (constant string).
VulnDB.CvssMetrics.Id number CVSS reference value.
VulnDB.CvssMetrics.AccessVector string CVSS access vector.
VulnDB.CvssMetrics.AccessComplexity string CVSS access complexity.
VulnDB.CvssMetrics.Authentication string CVSS metric authentication.
VulnDB.CvssMetrics.ConfidentialityImpact string CVSS confidentiality impact.
VulnDB.cvssMetrics.integrity_impact string CVSS integrity impact.
VulnDB.CvssMetrics.AvailabilityImpact string CVSS availability impact.
VulnDB.CvssMetrics.Generated_on date CVSS metric date.
VulnDB.CvssMetrics.Score number CVSS score.
VulnDB.Vendors.Id number Vendor ID.
VulnDB.Vendor.Name string Vendor name.
VulnDB.Products.Id number Product IDs.
VulnDB.Products.Name string Product names.
VulnDB.Products.Versions.Id number Product version IDs.
VulnDB.Products.Versions.Name string Product version names.
VulnDB.Classification.Longname string Classification (name).
VulnDB.Classification.Description string Classification description (human-readable).

Command Example
!vulndb-get-vuln-by-vendor-id vendor_id="5011" max_size="20"

9. Get information for a vulnerability (product ID)


Returns full details about vulnerabilities, by product ID.

Base Command

vulndb-get-vuln-by-product-id

Input
Argument Name Description Required
product_id Product ID. Required
max_size Maximum number of entries to return. A high number of entries might affect performance. Optional

Context Output
Path Type Description
VulnDB.Vulnerability.ID string Vulnerability ID.
VulnDB.Vulnerability.Title string Vulnerability title (human-readable).
VulnDB.Vulnerability.Keywords string Vulnerability keywords.
VulnDB.Vulnerability.Description string Vulnerability description (human-readable).
VulnDB.Vulnerability.Solution string Vulnerability solution (human-readable).
VulnDB.Vulnerability.PublishedDate date Vulnerability published date.
VulnDB.Vulnerability.TDescription string Vulnerability description (human-readable).
VulnDB.Vulnerability.SolutionDate date Vulnerability solution date.
VulnDB.Vulnerability.DiscoveryDate date Vulnerability discovery date.
VulnDB.Vulnerability.ExploitPublishDate date Exploit publish date.
VulnDB.CVE-ExtReferences.Value string CVE (constant string).
VulnDB.CvssMetrics.Id number CVSS reference value.
VulnDB.CvssMetrics.AccessVector string CVSS access vector.
VulnDB.CvssMetrics.AccessComplexity string CVSS access complexity.
VulnDB.CvssMetrics.Authentication string CVSS metric authentication.
VulnDB.CvssMetrics.ConfidentialityImpact string CVSS confidentiality impact.
VulnDB.cvssMetrics.integrity_impact string CVSS integrity impact.
VulnDB.CvssMetrics.AvailabilityImpact string CVSS availability impact.
VulnDB.CvssMetrics.Generated_on date CVSS metric date.
VulnDB.CvssMetrics.Score number CVSS score.
VulnDB.Vendors.Id number Vendor ID.
VulnDB.Vendor.Name string Vendor name.
VulnDB.Products.Id number Products ID.
VulnDB.Products.Name string Product names.
VulnDB.Products.Versions.Id number Product version IDs.
VulnDB.Products.Versions.Name string Product version names.
VulnDB.Classification.Longname string Classification (name).
VulnDB.Classification.Description string Classification description (human-readable).

Command Example
!vulndb-get-vuln-by-product-id product_id="1777" max_size="20"

10. Get information for a vulnerability (CVE ID)


Returns full details about vulnerabilities, by CVE ID.

Base Command

vulndb-get-vuln-by-cve-id

Input
Argument Name Description Required
cve_id CVE ID. Required
max_size Maximum number of entries to return. A high number of entries might effect performance. Optional

Context Output
Path Type Description
VulnDB.Vulnerability.ID string Vulnerability ID.
VulnDB.Vulnerability.Title string Vulnerability title (human-readable).
VulnDB.Vulnerability.Keywords string Vulnerability keywords.
VulnDB.Vulnerability.Description string Vulnerability description (human-readable).
VulnDB.Vulnerability.Solution string Vulnerability solution (human-readable).
VulnDB.Vulnerability.PublishedDate date Vulnerability published date.
VulnDB.Vulnerability.TDescription string Vulnerability description (human-readable).
VulnDB.Vulnerability.SolutionDate date Vulnerability solution date.
VulnDB.Vulnerability.DiscoveryDate date Vulnerability discovery date.
VulnDB.Vulnerability.ExploitPublishDate date Exploit publish date.
VulnDB.CVE-ExtReferences.Value string CVE (constant string).
VulnDB.CvssMetrics.Id number CVSS reference value.
VulnDB.CvssMetrics.AccessVector string CVSS access vector.
VulnDB.CvssMetrics.AccessComplexity string CVSS access complexity.
VulnDB.CvssMetrics.Authentication string CVSS metric authentication.
VulnDB.CvssMetrics.ConfidentialityImpact string CVSS confidentiality impact.
VulnDB.cvssMetrics.integrity_impact string CVSS integrity impact.
VulnDB.CvssMetrics.AvailabilityImpact string CVSS availability impact.
VulnDB.CvssMetrics.Generated_on date CVSS metric date.
VulnDB.CvssMetrics.Score number CVSS score.
VulnDB.Vendors.Id number Vendor ID.
VulnDB.Vendor.Name string Vendor name.
VulnDB.Products.Id number Product IDs.
VulnDB.Products.Name string Product names.
VulnDB.Products.Versions.Id number Product version IDs.
VulnDB.Products.Versions.Name string Product version names.
VulnDB.Classification.Longname string Classification name (long).
VulnDB.Classification.Description string Classification description (human-readable).

Command Example
!vulndb-get-vuln-by-cve-id cve_id="2013-1228" max_size="20"