CVE Metadata Schema¶
CVEMetadata¶
Enrichment metadata for a CVE node, sourced from NVD and EPSS.
Field |
Description |
|---|---|
firstseen |
Timestamp of when a sync job first discovered this node |
lastupdated |
Timestamp of the last time the node was updated |
id |
The CVE ID (e.g., CVE-2024-22075) |
description |
The english description of the vulnerability |
references |
Reference URLs |
problem_types |
A list of CWE identifiers |
cvss_version |
The CVSS version used (4.0, 3.1, 3.0, or 2.0) |
vector_string |
The CVSS vector string |
attack_vector |
The CVSS attack vector |
attack_complexity |
The CVSS attack complexity |
privileges_required |
The CVSS privileges required |
user_interaction |
The CVSS user interaction |
scope |
The CVSS scope |
confidentiality_impact |
The CVSS confidentiality impact |
integrity_impact |
The CVSS integrity impact |
availability_impact |
The CVSS availability impact |
base_score |
The CVSS base score |
base_severity |
The CVSS severity (CRITICAL, HIGH, MEDIUM, LOW) |
exploitability_score |
The CVSS exploitability score |
impact_score |
The CVSS impact score |
published_date |
The date the CVE was published |
last_modified_date |
The date the CVE was last modified |
vuln_status |
The vulnerability analysis status |
is_kev |
Whether this CVE is in the CISA KEV catalog (indexed) |
cisa_exploit_add |
Date added to CISA KEV catalog (if applicable) |
cisa_action_due |
CISA remediation due date (if applicable) |
cisa_required_action |
CISA required remediation action (if applicable) |
cisa_vulnerability_name |
CISA vulnerability name (if applicable) |
epss_score |
EPSS probability of exploitation (0.0-1.0) |
epss_percentile |
EPSS percentile ranking (0.0-1.0) |
CVEMetadataFeed¶
Represents the CVE metadata enrichment feed. Used as a sub-resource for lifecycle management.
Field |
Description |
|---|---|
firstseen |
Timestamp of when a sync job first discovered this node |
lastupdated |
Timestamp of the last time the node was updated |
id |
Feed identifier (CVE_METADATA) |
source_nvd |
Whether NVD enrichment was enabled for this sync |
source_epss |
Whether EPSS enrichment was enabled for this sync |
Relationships¶
A CVEMetadata enriches a CVE
(:CVEMetadata)-[:ENRICHES]->(:CVE)A CVEMetadataFeed is the resource for CVEMetadata nodes
(:CVEMetadataFeed)-[:RESOURCE]->(:CVEMetadata)