Enricher - CVE Search


This article describes the specific configuration options to set up the enricher.
To configure the general options for the enricher, see Configure the general options.


Specifications

Enricher name

CVE Search

Input

CVE.

Output

Enriches supported observable types with CVE details.

API endpoint

https://cve.circl.lu/api/cve/

Description

Enriches supported observable types with information about common software and hardware vulnerabilities, along with the corresponding exposures.
The enricher contacts the Computer Incident Response Center Luxembourg (CIRCL) cve-search API to retrieve all the available details associated with the input CVE IDs.
CVE information about common software and hardware vulnerabilities, along with the corresponding exposures, is stored in the platform as enrichment observables.

Configure the CVE Search enricher parameters

  1. Edit the enricher.

  2. From the Observable types drop-down menu, select one or more observable types you want to enrich with data retrieved through the CVE Search enricher.

  3. In the CVE API URL field is automatically filled in with the default domain for the endpoint.
    You can add a proxy or set up ports according to your needs.
    Default value: https://cve.circl.lu/api/cve/.

  4. To store your changes, click Save; to discard them, click Cancel.

See also