CIRCLVulnerabilityLookup#
README
CIRCL Vulnerability Lookup Analyzer#
Queries the CIRCL Vulnerability Lookup API to retrieve detailed information on security vulnerabilities, including CVEs, severity (CVSS), exploit prediction (EPSS), affected products, advisories, and recent sightings.
Configuration#
Set the url of the CIRCL Vulnerability Lookup API (pre-filled) and your API token in the analyzer’s configuration in Cortex.
Usage#
Run the analyzer on a CVE or vulnerability observable. The analyzer will fetch and display comprehensive vulnerability details directly in TheHive.
Requirements#
- valid API token from CIRCL Vulnerability Lookup.
Preview#
Short report#
Long report#
CIRCLVulnerabilityLookup#
Author: Fabien Bloume, StrangeBee
License: AGPL-V3
Version: 1.0
Supported observables types:
- cve
- cve_id
- vuln
- vuln_id
- vulnerability
- vulnerability_id
- cveid
- other
Registration required: True
Subscription required: False
Free subscription: True
Third party service: N/A
Description#
Queries the CIRCL Vulnerability Lookup API to retrieve detailed information on security vulnerabilities, including CVEs, severity (CVSS), exploit prediction (EPSS), affected products, advisories, and recent sightings.
Configuration#
| url | CIRCL Vulnerability Lookup |
|---|---|
| Default value if not configured | https://vulnerability.circl.lu/ |
| Type of the configuration item | string |
| The configuration item can contain multiple values | False |
| Is required | True |
| token | CIRCL Vulnerability Lookup token |
|---|---|
| Default value if not configured | N/A |
| Type of the configuration item | string |
| The configuration item can contain multiple values | False |
| Is required | False |
Templates samples for TheHive#
