cisa-kev-catalog
Fetch vulnerabilities from CISA Known Exploited Vulnerabilities catalog.
cisa-kev-catalog [duration=NUM{mon|w|d|h|m|s}] [from=yyyyMMddHHmmss] [to=yyyyMMddHHmmss] [http-proxy=HTTP-PROXY]
duration=NUM{mon|w|d|h|m|s}
: Optional. Scan only recent data. You should use s(second), m(minute), h(hour), d(day), mon(month) time unit. For example, `10s` means data from 10 seconds earlier.
from=yyyyMMddHHmmss
: Optional. Start time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero.
to=yyyyMMddHHmmss
: Optional. End time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero.
http-proxy=HTTP-PROXY
: Optional. HTTP proxy server (IP:port)
**Output Fields**
| Field | Type | Name | Description |
| ----------------------- | ------ | -------------------- | ------------------------------------ |
| _time | Date | Time | Date added to CISA catalog |
| cve | String | CVE | CVE identifier |
| vendor | String | Vendor | Vendor or project name |
| product | String | Product | Affected product |
| name | String | Name | Vulnerability name |
| description | String | Description | Technical summary |
| required_action | String | Required Action | Mitigation instructions |
| due_date | Date | Due Date | Mitigation deadline |
| is_ransomware_exploited | Bool | Ransomware Exploited | Whether used in ransomware campaigns |
| note | String | Note | References and advisory URLs |
| cwe | String | CWE | Related CWE identifiers |
| catalog_version | String | Catalog Version | CISA catalog version |
duration=NUM{mon|w|d|h|m|s}
: Optional. Scan only recent data. You should use s(second), m(minute), h(hour), d(day), mon(month) time unit. For example, `10s` means data from 10 seconds earlier.
from=yyyyMMddHHmmss
: Optional. Start time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero.
to=yyyyMMddHHmmss
: Optional. End time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero.
http-proxy=HTTP-PROXY
: Optional. HTTP proxy server (IP:port)
**Output Fields**
| Field | Type | Name | Description |
| ----------------------- | ------ | -------------------- | ------------------------------------ |
| _time | Date | Time | Date added to CISA catalog |
| cve | String | CVE | CVE identifier |
| vendor | String | Vendor | Vendor or project name |
| product | String | Product | Affected product |
| name | String | Name | Vulnerability name |
| description | String | Description | Technical summary |
| required_action | String | Required Action | Mitigation instructions |
| due_date | Date | Due Date | Mitigation deadline |
| is_ransomware_exploited | Bool | Ransomware Exploited | Whether used in ransomware campaigns |
| note | String | Note | References and advisory URLs |
| cwe | String | CWE | Related CWE identifiers |
| catalog_version | String | Catalog Version | CISA catalog version |