fcti-vuln-reports

Fetch vulnerability reports from FCTI

fcti-vuln-reports [proxy=PROXY] [duration=NUM{mon|w|d|h|m|s}] [from=yyyyMMddHHmmss] [to=yyyyMMddHHmmss]

proxy=PROXY: URL of the proxy server
duration=NUM{mon|w|d|h|m|s}: Scan only recent data. You should use s(second), m(minute), h(hour), d(day), mon(month) time unit. For example, 10s means data from 10 seconds earlier.
from=yyyyMMddHHmmss: Start time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero.
to=yyyyMMddHHmmss: End time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero.

Output Fields

Field	Type	Name	Description
_time	Date	Time
title	String	Subject
first_seen	Date	First seen
last_updated	Date	Last updated
urgency	Double	Urgency	e.g. 7.5
severity	Double	Severity	e.g. 6.7
bugtraq_id	String	Bugtraq ID	e.g. 108917
cve_id	String	CVE ID	e.g. CVE-2018-3823
remote	Bool	Is remote	Allow an attacker to execute arbitrary code on a remote device
local	Bool	Is local
possibility	String	Possibility	e.g. always, user initiated, circumstantial
authentication	String	Authentication	e.g. Required, Not Required
reliability	String	Reliability	e.g. Vendor Confirmed
difficulty	String	Difficulty	e.g. Exploit Available, No Exploit Available
type	String	Type	e.g. Design Error, Input Validation Error
summary	String	Summary
effect	String	Effect
vulnerable_system	String	Vulnerable system
invulnerable_system	String	Invulnerable system
contents	String	Contents
attack_scenario	String	Attack scenario
exploit	String	Exploit
prevention	String	Prevention
solution	String	Solution
patch	String	Patch
reference	String	Reference
organization	String	Organization
writer	String	Author
stix_id	String	STIX ID
shared_scope	String	Shared scope	e.g. ALL, FSI, BANK, INVEST, INSURANCE, NONBANK, CUSTOM