Skip to main content

NIST NVD

warning

As of Brinqa Platform version 11.28.x and later, Brinqa recommends using Brinqa Risk Intelligence instead of the NIST NVD connector. Due to ongoing reliability issues with the National Vulnerability Database, the NIST NVD connector is no longer supported.

If you are on a Brinqa Platform version earlier than 11.28, Brinqa recommends upgrading to the latest version. For assistance with the upgrade process, please contact your Brinqa Technical Account Manager or Brinqa Support team.

The NVD (National Vulnerability Database) from NIST (National Institute of Standards and Technology) provides vulnerability management data based on the Security Content Automation Protocol (SCAP). The NIST NVD connector retrieves Common Vulnerability and Exposures (CVE) records, Common Platform Enumeration (CPE) records, and Common Weakness Enumeration (CWE) records from NVD. You can bring these findings into Brinqa to construct a unified view of your attack surface and strengthen your cybersecurity posture.

This document details the information you must provide for the connector to authenticate with NIST NVD and how to obtain that information from NIST NVD. See create a data integration for step-by-step instructions on setting up the integration.

Required connection settings

When setting up a data integration, select NIST NVD from the Connector drop-down. If you cannot find the connector in the drop-down, make sure that you have installed it first. You must provide the following information to authenticate NIST NVD with Brinqa:

  • Service URL: The NIST NVD Service URL. The default URL is https://services.nvd.nist.gov.

  • API Key: The access key associated with the NIST NVD account, which must have permissions to log in to the API server and return data.

Generate a NIST NVD API key

For the NIST NVD connector to use the NIST NVD API, you must provide the API keys from NIST NVD. To obtain an API key, follow these steps:

  1. Navigate to NIST NVD's developer portal.

  2. Fill in the organization name and email address, and then select the organization type from the drop-down.

  3. Agree to the Terms of Use and click Submit. An email is sent to the email address from the previous step.

  4. Click the link in the email from nvd-noreply@nist-gov.

  5. A new tab containing the new API key opens in your browser. Copy the API key and save it in a safe and secure location.

note

You can not view the API key again. If you lose or forget the key, you must request a new one. For additional information, see NIST NVD documentation.

Additional settings

The NIST NVD connector contains additional options for specific configuration:

  • Parallel requests: The maximum number of parallel API requests. The default setting is 2.

  • Maximum retries: The maximum number of times that the integration attempts to connect to the NIST NVD APIs before giving up and reporting a failure. The default setting is 10.

Types of data to retrieve

The NIST NVD connector can retrieve the following types of data from the NIST NVD API:

Table 1: Data retrieved from NIST NVD

Connector ObjectRequiredMaps to Data Model
ProductNoNot mapped
VulnerabilityYesCVE record
WeaknessYesWeakness
info

The NIST NVD connector does not currently support operation options for the types of data it retrieves.

For detailed steps on how to view the data retrieved from NIST NVD in the Brinqa Platform, see How to view your data.

Attribute mappings

Expand the sections below to view the mappings between the source and the Brinqa data model attributes.

Vulnerability

Table 2: Vulnerability attribute mappings

Source Field NameMaps to Attribute
cve.iduid, name
cve.cisaExploitAddcisaAddedDate
cve.cisaActionDuecisaDueDate
cisaExploitedcisaExploited
cve.cisaRequiredActioncisaRequiredAction
cve.cisaVulnerabilityNamecisaVulnerabilityName
cve.englishDescription.valuedescription
cve.publishedpublishedDate
cve.references.urlreferences
cve.lastModifiedsourceLastModified
cve.weaknesses.valueweaknesses
cve.vulnStatusstatus
cve.sourceIdentifierLocal variable
matchString.matches.cpeNameaffected
metric.cvssData.accessComplexitycvssV2Ac
metric.cvssData.availabilityImpactcvssV2Ai, cvssV3Ai
metric.cvssData.authenticationcvssV2Au
metric.cvssData.accessVectorcvssV2Av
metric.cvssData.baseScorecvssV2BaseScore, cvssV3BaseScore
metric.cvssData.confidentialityImpactcvssV2Ci, cvssV3Ci
metric.cvssData.integrityImpactcvssV2Ii, cvssV3Ii
metric.baseSeveritycvssV2Severity
metric.cvssData.vectorStringcvssV2Vector, cvssV3Vector
metric.cvssData.attackComplexitycvssV3Ac
metric.cvssData.attackVectorcvssV3Av
metric.cvssData.privilegesRequiredcvssV3Pr
metric.cvssData.scopecvssV3Scope
metric.cvssData.baseSeveritycvssV3Severity
metric.cvssData.userInteractioncvssV3Ui
severityseverity, Local variable
note

Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.

Weakness

Table 3: Weakness attribute mappings

Source Field NameMaps to Attribute
categoriescategories
cwe.iduid
cwe.namename
cwe.descriptiondescription
cwe.likelihoodOfExploitexploitability
cwe.relatedWeaknessesLocal variable
note

Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.

APIs

The NIST NVD connector uses the Product API v2.0 and Vulnerability API v2.0. Specifically, it uses the following endpoints:

Table 4: NIST NVD API Endpoints

Connector ObjectAPI Endpoints
Product/rest/json/cpes/2.0
Vulnerability/rest/json/cpematch/2.0
/rest/json/cves/2.0
Weakness/data/xml/cwec_latest.xml.zip

Changelog

The NIST NVD connector has undergone the following changes:

Table 5: NIST NVD connector changelog

VersionDescriptionDate Published
3.1.13Changed the SOURCE_SEVERITY attribute type on the Vulnerability object from double to integer to resolve a data type mismatch error.August 5th, 2025
3.1.12Code clean up and general maintenance.December 19th, 2024
3.1.11Code clean up and general maintenance.September 27th, 2024
3.1.10Added a new setting to help manage API throttling: Maximum retriesJuly 5th, 2024
3.1.9Changed the SOURCE_SEVERITY attribute type on the Vulnerability object from string to integer.May 31st, 2024
3.1.8Fixed an issue that was affecting the retrieval of the AFFECTED attribute on the Vulnerability object.May 14th, 2024
3.1.7- Updated to retrieve weaknesses from upper levels.
- Updated dependencies.
March 12th, 2024
3.1.6Updated dependencies.March 8th, 2024
3.1.5Updated the API key for accessing the National Vulnerability Database (NVD).November 27th, 2023
3.1.4Reduced the size of the connector logo.August 22nd, 2023
3.1.3Code clean up and general maintenance.August 16th, 2023
3.1.2Code clean up and general maintenance.August 13th, 2023
3.1.1Code clean up and general maintenance.August 10th, 2023
3.1.0Switched to CPE API v2.0 and CVE API v2.0.August 9th, 2023
3.0.5Upgraded to the latest Connector Framework.December 14th, 2022
3.0.4Code clean up and general maintenance.July 8th, 2022
3.0.3Code clean up and general maintenance.April 25th, 2022
3.0.2The connector now retrieves the Weakness object from NIST NVDApril 24th, 2022
3.0.1Code clean up and general maintenance.April 21st, 2022
3.0.0Initial Integration+ release.April 20th, 2022