NVD Data Map Overview

When importing a .json file into RiskVision, the NVD Connector will populate different fields depending on which data feed the file comes from.

When Importing CVE Files

RiskVision will capture the following from the NVD website:

Description

The Current Description and Analysis Description will be uploaded to the Description field of a vulnerability's General tab.

The Current Description of a CVE file.

The CVE's description captured by the Description field in RiskVision.

Severity

The vulnerability's CVSS v2.0 Score tab will capture all scores from the file's CVSS Score section.

The CVSS Score section of a CVE file.

The CVE's severity scores captured by the CVSS Score field in RiskVision.

The CVSS v3 Score tab will capture all fields and values in the following sections of the .json file:

  • CVSS v3 Version
    The CVSS version of a CVE file.
    The CVE's CVSS v3 Version captured in RiskVision.
  • Base Score Metrics v3
    The Base Score Metrics of a CVE file.
    The CVE's Base Score Metrics captured in RiskVision.
  • CVSS v3 Score
    The CVSS V3 Scores of a CVE file.
    The CVE's CVSS v3 Score captured in RiskVision.

Hyperlinks

All related hyperlinks will be captured in the Description field of the vulnerability's Identification tab.

The Hyperlink section of a CVE file.

The CVE's hyperlinks captured in the Description field in RiskVision.

Resources

All related resources will be captured in the Resource field of the vulnerability's Identification tab.

The Resource section of a CVE file.

The CVE's resources captured in the Resource field in RiskVision.

Weakness Enumeration

The .json file's CWE Name will be captured in the Weaknesses field of the vulnerability's General tab. The CWE-ID and Source will not be captured.

The CWE Name of a weakness in a CWE file.

The CWE Name captured in the Weaknesses field in RiskVision.

Known Affected Software Configurations

These will be captured in the vulnerability's Technologies tab.

The Known Affected Software Configurations of a CVE file.

The CVE file's Known Affected Software Configurations captured in RiskVision.

When Importing CPE Files

RiskVision will capture the following from the NVD website:

CPE Names

RiskVision can only import names from version 2.2 of CPE. The following components will be captured by the General tab of a technology:

  • Part
  • Vendor
  • Product
  • Cloud-init
  • Version
  • Update
  • Edition
  • Language
    The Name Components of a CPE file.
    The CPE name components captured in RiskVision.
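
As an added example (not RiskVision or NVD Connector code), the following pre-import check splits CPE 2.2 URIs into the seven components defined by the CPE 2.2 naming specification and flags names that are not in 2.2 form, such as CPE 2.3 formatted strings. The function names and sample names are constructed for illustration, and the check tests name format only, not connector behaviour.

```python
from urllib.parse import unquote

# CPE 2.2 URI component order, per the CPE 2.2 naming specification.
COMPONENTS = ("part", "vendor", "product", "version", "update", "edition", "language")
VALID_PARTS = {"a", "o", "h"}  # application, operating system, hardware


def parse_cpe22(name: str) -> dict:
    """Split a CPE 2.2 URI into named components; raise ValueError otherwise."""
    if name.lower().startswith("cpe:2.3:"):
        raise ValueError("CPE 2.3 formatted string, not a 2.2 URI: " + name)
    if not name.lower().startswith("cpe:/"):
        raise ValueError("not a CPE 2.2 URI: " + name)
    fields = name[len("cpe:/"):].split(":")
    if len(fields) > len(COMPONENTS):
        raise ValueError("too many components: " + name)
    # Trailing components may be omitted; pad them as empty (meaning "any").
    fields += [""] * (len(COMPONENTS) - len(fields))
    # Components are percent-encoded and case-insensitive in CPE 2.2.
    parsed = {k: unquote(v).lower() for k, v in zip(COMPONENTS, fields)}
    if parsed["part"] and parsed["part"] not in VALID_PARTS:
        raise ValueError("unknown part %r in %s" % (parsed["part"], name))
    return parsed


def triage(names):
    """Return (well_formed, rejected) lists for a batch of CPE names."""
    ok, bad = [], []
    for n in names:
        try:
            ok.append((n, parse_cpe22(n)))
        except ValueError as exc:
            bad.append((n, str(exc)))
    return ok, bad


# Constructed sample names, not taken from the page or from NVD.
SAMPLE = [
    "cpe:/a:example_vendor:example_product:1.2.3:sp1:pro:en-us",
    "cpe:/o:example_vendor:example_os:10.0",
    "cpe:2.3:a:example_vendor:example_product:1.2.3:*:*:*:*:*:*:*",
    "cpe:/x:example_vendor:example_product",
]

if __name__ == "__main__":
    ok, bad = triage(SAMPLE)
    for name, parts in ok:
        print("2.2 OK  ", name, parts)
    for name, reason in bad:
        print("REJECTED", name, "->", reason)
```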

Metadata

The Text title will be captured by the Full Name field in a technology's General tab, but the Locale title will not.

The Text title in a CPE file.

The CPE's Text title captured by the Full Name field in RiskVision.

References

This section is not captured because it contains Change Log data.

The References section of a CPE file.

CPE Usage

View and Associated vulnerabilities will be captured in RiskVision's Vulnerabilities tab for threats and technologies.

Vulnerabilities in a CPE file.

The CPE's Vulnerabilities captured in RiskVision.

The connector will not capture the file's quick info such as published dates and last modified dates.

The Quick Info of a CPE file.

When Importing CWE Files

While the NVD connector will import files from the CWE datafeed, it will import data from a different site than the NVD site. As of now, RiskVision will only capture Parent Of information from CWE files in the General tab of a weakness.

The Parent Of information in a CWE file.

The Parent Of information from a CWE file captured in RiskVision.