NIST NVD
As of Brinqa Platform version 11.28.x and later, Brinqa recommends using Brinqa Risk Intelligence instead of the NIST NVD connector. Due to ongoing reliability issues with the National Vulnerability Database, the NIST NVD connector is no longer supported.
If you are on a Brinqa Platform version earlier than 11.28, Brinqa recommends upgrading to the latest version. For assistance with the upgrade process, please contact your Brinqa Technical Account Manager or Brinqa Support team.
The NVD (National Vulnerability Database) from NIST (National Institute of Standards and Technology) provides vulnerability management data based on the Security Content Automation Protocol (SCAP). The NIST NVD connector retrieves Common Vulnerability and Exposures (CVE) records, Common Platform Enumeration (CPE) records, and Common Weakness Enumeration (CWE) records from NVD. You can bring these findings into Brinqa to construct a unified view of your attack surface and strengthen your cybersecurity posture.
This document details the information you must provide for the connector to authenticate with NIST NVD and how to obtain that information from NIST NVD. See create a data integration for step-by-step instructions on setting up the integration.
Required connection settings
When setting up a data integration, select NIST NVD from the Connector drop-down. If you cannot find the connector in the drop-down, make sure that you have installed it first. You must provide the following information to authenticate NIST NVD with Brinqa:
-
Service URL: The NIST NVD Service URL. The default URL is
https://services.nvd.nist.gov. -
API Key: The access key associated with the NIST NVD account, which must have permissions to log in to the API server and return data.
Generate a NIST NVD API key
For the NIST NVD connector to use the NIST NVD API, you must provide the API keys from NIST NVD. To obtain an API key, follow these steps:
-
Navigate to NIST NVD's developer portal.
-
Fill in the organization name and email address, and then select the organization type from the drop-down.
-
Agree to the Terms of Use and click Submit. An email is sent to the email address from the previous step.
-
Click the link in the email from
nvd-noreply@nist-gov. -
A new tab containing the new API key opens in your browser. Copy the API key and save it in a safe and secure location.
You can not view the API key again. If you lose or forget the key, you must request a new one. For additional information, see NIST NVD documentation.
Additional settings
The NIST NVD connector contains additional options for specific configuration:
-
Parallel requests: The maximum number of parallel API requests. The default setting is 2.
-
Maximum retries: The maximum number of times that the integration attempts to connect to the NIST NVD APIs before giving up and reporting a failure. The default setting is 10.
Types of data to retrieve
The NIST NVD connector can retrieve the following types of data from the NIST NVD API:
Table 1: Data retrieved from NIST NVD
| Connector Object | Required | Maps to Data Model |
|---|---|---|
| Product | No | Not mapped |
| Vulnerability | Yes | CVE record |
| Weakness | Yes | Weakness |
The NIST NVD connector does not currently support operation options for the types of data it retrieves.
For detailed steps on how to view the data retrieved from NIST NVD in the Brinqa Platform, see How to view your data.
Attribute mappings
Expand the sections below to view the mappings between the source and the Brinqa data model attributes.
Vulnerability
Table 2: Vulnerability attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| cve.id | uid, name |
| cve.cisaExploitAdd | cisaAddedDate |
| cve.cisaActionDue | cisaDueDate |
| cisaExploited | cisaExploited |
| cve.cisaRequiredAction | cisaRequiredAction |
| cve.cisaVulnerabilityName | cisaVulnerabilityName |
| cve.englishDescription.value | description |
| cve.published | publishedDate |
| cve.references.url | references |
| cve.lastModified | sourceLastModified |
| cve.weaknesses.value | weaknesses |
| cve.vulnStatus | status |
| cve.sourceIdentifier | Local variable |
| matchString.matches.cpeName | affected |
| metric.cvssData.accessComplexity | cvssV2Ac |
| metric.cvssData.availabilityImpact | cvssV2Ai, cvssV3Ai |
| metric.cvssData.authentication | cvssV2Au |
| metric.cvssData.accessVector | cvssV2Av |
| metric.cvssData.baseScore | cvssV2BaseScore, cvssV3BaseScore |
| metric.cvssData.confidentialityImpact | cvssV2Ci, cvssV3Ci |
| metric.cvssData.integrityImpact | cvssV2Ii, cvssV3Ii |
| metric.baseSeverity | cvssV2Severity |
| metric.cvssData.vectorString | cvssV2Vector, cvssV3Vector |
| metric.cvssData.attackComplexity | cvssV3Ac |
| metric.cvssData.attackVector | cvssV3Av |
| metric.cvssData.privilegesRequired | cvssV3Pr |
| metric.cvssData.scope | cvssV3Scope |
| metric.cvssData.baseSeverity | cvssV3Severity |
| metric.cvssData.userInteraction | cvssV3Ui |
| severity | severity, Local variable |
Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.
Weakness
Table 3: Weakness attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| categories | categories |
| cwe.id | uid |
| cwe.name | name |
| cwe.description | description |
| cwe.likelihoodOfExploit | exploitability |
| cwe.relatedWeaknesses | Local variable |
Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.
APIs
The NIST NVD connector uses the Product API v2.0 and Vulnerability API v2.0. Specifically, it uses the following endpoints:
Table 4: NIST NVD API Endpoints
| Connector Object | API Endpoints |
|---|---|
| Product | /rest/json/cpes/2.0 |
| Vulnerability | /rest/json/cpematch/2.0 |
/rest/json/cves/2.0 | |
| Weakness | /data/xml/cwec_latest.xml.zip |
Changelog
The NIST NVD connector has undergone the following changes:
Table 5: NIST NVD connector changelog
| Version | Description | Date Published |
|---|---|---|
| 3.1.13 | Changed the SOURCE_SEVERITY attribute type on the Vulnerability object from double to integer to resolve a data type mismatch error. | August 5th, 2025 |
| 3.1.12 | Code cleanup and general maintenance. | December 19th, 2024 |
| 3.1.11 | Code cleanup and general maintenance. | September 27th, 2024 |
| 3.1.10 | Added a new setting to help manage API throttling: Maximum retries | July 5th, 2024 |
| 3.1.9 | Changed the SOURCE_SEVERITY attribute type on the Vulnerability object from string to integer. | May 31st, 2024 |
| 3.1.8 | Fixed an issue that was affecting the retrieval of the AFFECTED attribute on the Vulnerability object. | May 14th, 2024 |
| 3.1.7 | - Updated to retrieve weaknesses from upper levels. - Updated dependencies. | March 12th, 2024 |
| 3.1.6 | Updated dependencies. | March 8th, 2024 |
| 3.1.5 | Updated the API key for accessing the National Vulnerability Database (NVD). | November 27th, 2023 |
| 3.1.4 | Reduced the size of the connector logo. | August 22nd, 2023 |
| 3.1.3 | Code cleanup and general maintenance. | August 16th, 2023 |
| 3.1.2 | Code cleanup and general maintenance. | August 13th, 2023 |
| 3.1.1 | Code cleanup and general maintenance. | August 10th, 2023 |
| 3.1.0 | Switched to CPE API v2.0 and CVE API v2.0. | August 9th, 2023 |
| 3.0.5 | Upgraded to the latest Connector Framework. | December 14th, 2022 |
| 3.0.4 | Code cleanup and general maintenance. | July 8th, 2022 |
| 3.0.3 | Code cleanup and general maintenance. | April 25th, 2022 |
| 3.0.2 | The connector now retrieves the Weakness object from NIST NVD | April 24th, 2022 |
| 3.0.1 | Code cleanup and general maintenance. | April 21st, 2022 |
| 3.0.0 | Initial Integration+ release. | April 20th, 2022 |