Skip to main content

CVE Record Data Model

The CVE Record data model represents the National Vulnerability Database (NVD) dictionary associated with a Common Vulnerabilities and Exposures (CVE) ID. It extends the Entity model data model.

The following table details the default attributes of the CVE Record data model:

Attribute NameAttribute TypeRelationship TypeRequired
affectedText (Multivalued)N/ANo
aliasTextN/ANo
attackPatternsReference (Attack pattern)USESNo
attackTechniquesReference (Attack technique)USESNo
baseRiskScoreCalculated (Number)N/ANo
categoriesText (Multivalued)N/ANo
cisaAddedDateDate TimeN/ANo
cisaDueDateDate TimeN/ANo
cisaExploitedTrue FalseN/ANo
cisaRequiredActionTextN/ANo
cisaVulnerabilityNameTextN/ANo
cpeRecordsReference (CPE record)AFFECTSNo
commentsCommentsN/ANo
commercialExploitTrue FalseN/ANo
connectorCategoriesText (Multivalued)N/ANo
connectorNamesText (Multivalued)N/ANo
createdByTextN/ANo
cvssV2AccessComplexityTextN/ANo
cvssV2AccessVectorTextN/ANo
cvssV2AuthenticationTextN/ANo
cvssV2AvailabilityImpactTextN/ANo
cvssV2BaseScoreNumberN/ANo
cvssV2BaseVectorSourceTextN/ANo
cvssV2ConfidentialityImpactTextN/ANo
cvssV2ExploitabilityTextN/ANo
cvssV2IntegrityImpactTextN/ANo
cvssV2RemediationLevelTextN/ANo
cvssV2ReportConfidenceTextN/ANo
cvssV2SeverityTextN/ANo
cvssV2TemporalScoreNumberN/ANo
cvssV2TemporalVectorSourceTextN/ANo
cvssV2VectorTextN/ANo
cvssV3AttackComplexityTextN/ANo
cvssV3AttackVectorTextN/ANo
cvssV3AvailabilityImpactTextN/ANo
cvssV3BaseScoreNumberN/ANo
cvssV3BaseVectorSourceTextN/ANo
cvssV3ConfidentialityImpactTextN/ANo
cvssV3ExploitCodeMaturityTextN/ANo
cvssV3IntegrityImpactTextN/ANo
cvssV3PrivilegesRequiredTextN/ANo
cvssV3RemediationLevelTextN/ANo
cvssV3ReportConfidenceTextN/ANo
cvssV3SeverityTextN/ANo
cvssV3TemporalScoreNumberN/ANo
cvssV3TemporalVectorSourceTextN/ANo
cvssV3UserInteractionTextN/ANo
cvssV3VectorTextN/ANo
dataIntegrationTitlesText (Multivalued)N/ANo
dataModelNameCalculated (Text)N/ANo
dateCreatedDate TimeN/ANo
daysToFirstDetectionCalculated (Number)N/ANo
descriptionText AreaN/ANo
displayNameCalculated (Text)N/AYes
epssLastModifiedDate TimeN/ANo
epssPercentileNumberN/ANo
epssScoreNumberN/ANo
exploitMaturityTextN/ANo
exploitsText (Multivalued)N/ANo
firstDetectedCalculated (Date Time)N/ANo
firstReportedThreatActorDate TimeN/ANo
flowStateTextN/ANo
githubTrendingTrue FalseN/ANo
knownActiveRansomewareCampaignTextN/ANo
lastReportedThreatActorDate TimeN/ANo
lastUpdatedDate TimeN/ANo
lifecycleInactiveDateDate TimeN/ANo
lifecyclePurgeDateDate TimeN/ANo
lifecycleStatusSingle ChoiceN/ANo
malwareText (Multivalued)N/ANo
nameTextN/ANo
numberOutOfComplianceNumberN/ANo
openFindingCountCalculated (Number)N/ANo
publicExploitTrue FalseN/ANo
publishedDateDate TimeN/ANo
recommendationTextN/ANo
referencesText (Multivalued)N/ANo
reportedExploitedTrue FalseN/ANo
riskFactorOffsetCalculated (Number)N/ANo
riskFactorsRisk FactorsN/ANo
riskRatingCalculated (Single Choice)N/ANo
riskScoreCalculated (Number)N/ANo
riskScoringModelRisk Scoring ModelN/ANo
severitySingle ChoiceN/ANo
severityScoreNumberN/ANo
sourceTextN/ANo
sourceCreatedDateDate TimeN/ANo
sourceLastModifiedDate TimeN/ANo
sourceStatusSingle ChoiceN/ANo
sourceUidsText (Multivalued)N/ANo
sourcesReference (Source model)SOURCED_FROMNo
sourcesIconsSource data models iconsN/ANo
statusCalculated (Single Choice)N/ANo
statusConfigurationModelStatus Configuration ModelN/ANo
summaryTextN/ANo
tagsText (Multivalued)N/ANo
uidTextN/AYes
updatedByTextN/ANo
usedByBotnetsTrue FalseN/ANo
usedByRansomwareTrue FalseN/ANo
usedByThreatActorsTrue FalseN/ANo
weaknessesReference (Weakness)EXPLOITSNo
weaponizedExploitTrue FalseN/ANo
FOOTNOTES
  • The attribute names are used in Brinqa Query Language (BQL) queries and Brinqa Condition Language (BCL) predicates.
  • In the Type column, Calculated means that the value of the attribute is computed by executing a script. The text in the parentheses after Calculated denotes the type of the outcome. For additional information, see Calculated attributes.
  • In the Type column, Reference means that two data models are related. The name in the parentheses after Reference indicates the other data model.
  • The Relationship Type column only applies to the Category and Reference type attributes. You can use the relationship type keyword in BQL queries.