tatum-cnapp-cve-records
Get CVE records from Tatum CNAPP service.
tatum-cnapp-cve-records [profile=PROFILE] [has-cwe=t] [has-cvss=t]
- profile=PROFILE
- Connect profile code of Tatum CNAPP.
- has-cwe=HAS-CWE
- Specify "t" to filter CVE records that have CWE.
- has-cvss=HAS-CVSS
- Specify "t" to filter CVE records that have CVSS.
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| profile | String | Connect Profile | Connect profile code of Tatum CNAPP. |
| cve | String | CVE ID | e.g. CVE-1999-0236 |
| severity | String | Severity | e.g. CRITICAL, HIGH, MEDIUM, LOW |
| title | String | Title | e.g. CVE-1999-0236 affecting package httpd 2.4.46-3 |
| cwe | String | CWE ID | Line separated CWE IDs. e.g. CWE-123 |
| description | String | Description | e.g. ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. |
| reference | String | References | Line separated URLs. |
| cvss_source | String | CVSS Source | e.g. nvd, aqua, redhat |
| cvss_v3_score | Double | CVSS v3 Score | e.g. 9.8 |
| cvss_v3_vector | String | CVSS v3 Vector | e.g. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| cvss_v2_score | Double | CVSS v2 Score | e.g. 7.2 |
| cvss_v2_vector | String | CVSS v2 Vector | e.g. AV:L/AC:L/Au:N/C:C/I:C/A:C |
| cvss | Map | CVSS Details | Key value pairs with cvss source name, attack vector, and score. |
| vendor_severity | Map | Vendor Severity | Key value pairs with vendor name and severity. |
| published | Date | Published | Published time. |
| updated | Date | Updated | Last modified time. |