CVE Score Changes, Change History, and Transparency

A common request we get is how to tell which vulnerabilities change score or for one particular vuln, how do we tell if the score jumped up or down, what’s the history? There are two ways we can do just that.

#1 The first option is using the “Show CVE History” endpoint via our API. Querying this endpoint will give you the entire score history for a single or multiple CVEs. For any given CVE in your environment (and an API token), you can use this endpoint to tell you exactly what date and time that CVE changed score as well as the previous score and what it changed to.

score_change.png

The exact API endpoint can be found on our API docs here.

Note: Only Vulnerability Intel customers have access to any CVE, otherwise all other customers can only search for CVEs associated to vulnerabilities in their environment .

#2 The second option to help with score transparency is through our alerts. There are several alerting options that are tied to scoring:

  • New Active Internet Breaches identified

  • New Popular Target Vulnerabilities identified

  • New Easily Exploitable Vulnerabilities identified

  • New Malware Vulnerabilities identified

  • Risk group changes risk level

To turn on these alerts, go to the settings menu in the upper right hand corner (gear icon), and from the dropdown click Alerts. You can toggle any or all of the 5 alerts above at your liking. The benefit of these alerts is that when they are triggered, you will be able to click on a link to take you to exactly which risk meters or group of vulnerabilities had changed to cause that alert to go off. Although it doesn’t get as granular as the API endpoint in option 1, it does give you a good general idea of what’s happening within your environment and what is changing.

score_changes1.png

In the example alerts above, clicking on the blue “Easily Exploitable Vulnerabilities” and “Active Internet Breaches” will take you to the exact vulnerabilities that had newly been tagged with these threat flags, meaning their score went up.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.