CVEs API
GET /cve
List the CVEs.
Parameters:
search
(optional): filter by keyword in summaryvendor
(optional): filter by vendor nameproduct
(optional): filter by product name (impliesvendor
parameter)cvss
(optional): filter by CVSS (one ofnone
,low
,medium
,high
,critical
)cwe
(optional): filter by CWEpage
(optional, default: 1): the page to start
Example request:
GET /api/cve HTTP/1.1
Host: example.com
Accept: application/json
Example response:
HTTP/1.1 200 OK
[
...
{
"id": "CVE-2021-1411",
"summary": "Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.",
"created_at": "2021-03-24T21:15:00Z",
"updated_at": "2021-03-29T17:32:00Z"
},
...
]
GET /cve/<string:id>
Get the details of a specific CVE.
Example request:
GET /api/cve/CVE-2021-1411 HTTP/1.1
Host: example.com
Accept: application/json
Example response:
HTTP/1.1 200 OK
{
"id": "CVE-2021-1411",
"summary": "Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.",
"created_at": "2021-03-24T21:15:00Z",
"updated_at": "2021-03-29T17:32:00Z",
"cvss": {
"v2": 9.0,
"v3": 9.9
},
"vendors": {
"cisco": [
"jabber"
]
},
"cwes": [
"CWE-170"
],
"raw_nvd_data": {
"cve": {
"data_type": "CVE",
"references": {
"reference_data": [{
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-jabber-PWrTATTC",
"name": "20210324 Cisco Jabber Desktop and Mobile Client Software Vulnerabilities",
"tags": [
"Vendor Advisory"
],
"refsource": "CISCO"
}]
},
"data_format": "MITRE",
"description": {
"description_data": [{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
}]
},
"problemtype": {
"problemtype_data": [{
"description": [{
"lang": "en",
"value": "CWE-170"
}]
}]
},
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-1411",
"ASSIGNER": "cve@mitre.org"
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"version": "2.0",
"baseScore": 9.0,
"accessVector": "NETWORK",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"authentication": "SINGLE",
"integrityImpact": "COMPLETE",
"accessComplexity": "LOW",
"availabilityImpact": "COMPLETE",
"confidentialityImpact": "COMPLETE"
},
"severity": "HIGH",
"acInsufInfo": false,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"exploitabilityScore": 8.0,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"scope": "CHANGED",
"version": "3.1",
"baseScore": 9.9,
"attackVector": "NETWORK",
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"integrityImpact": "HIGH",
"userInteraction": "NONE",
"attackComplexity": "LOW",
"availabilityImpact": "HIGH",
"privilegesRequired": "LOW",
"confidentialityImpact": "HIGH"
},
"impactScore": 6.0,
"exploitabilityScore": 3.1
}
},
"publishedDate": "2021-03-24T21:15Z",
"configurations": {
"nodes": [{
"operator": "OR",
"cpe_match": [{
"cpe23Uri": "cpe:2.3:a:cisco:jabber:*:*:*:*:*:windows:*:*",
"vulnerable": true,
"versionEndExcluding": "12.1.5"
},
{
"cpe23Uri": "cpe:2.3:a:cisco:jabber:*:*:*:*:*:windows:*:*",
"vulnerable": true,
"versionEndExcluding": "12.5.4",
"versionStartIncluding": "12.5.0"
},
{
"cpe23Uri": "cpe:2.3:a:cisco:jabber:*:*:*:*:*:windows:*:*",
"vulnerable": true,
"versionEndExcluding": "12.6.5",
"versionStartIncluding": "12.6.0"
},
{
"cpe23Uri": "cpe:2.3:a:cisco:jabber:*:*:*:*:*:windows:*:*",
"vulnerable": true,
"versionEndExcluding": "12.7.4",
"versionStartIncluding": "12.7.0"
},
{
"cpe23Uri": "cpe:2.3:a:cisco:jabber:*:*:*:*:*:windows:*:*",
"vulnerable": true,
"versionEndExcluding": "12.8.5",
"versionStartIncluding": "12.8.0"
},
{
"cpe23Uri": "cpe:2.3:a:cisco:jabber:*:*:*:*:*:windows:*:*",
"vulnerable": true,
"versionEndExcluding": "12.9.5",
"versionStartIncluding": "12.9.0"
}
]
}],
"CVE_data_version": "4.0"
},
"lastModifiedDate": "2021-03-29T17:32Z"
}
}