Vulnerability Data Source

The Vulnerability Data Source is the direct connection to Common Vulnerabilities and Exposures (CVE) data from the National Vulnerability Database (NVD). Risk Analyzer uses the CVE identities to detect network vulnerabilities, create attack graphs, and perform risk calculations for a network.

You can manually import scan data and CVE data from the NVD into the Administration module.

  • The vulnerability definitions come from the NVD

  • The vulnerabilities come from the scanners

Third-party vulnerability scanners must be imported manually from the Device Groups page.

To access Risk Analyzer, you must have a Risk Analyzer license for the domain that the user is logged into, as well as access to either the 'All Devices' device group and / or another user-configured device group (within the licensed domain) that has the behavioral analysis setting enabled, and Risk Data write permissions granted.

More information about Risk Analyzer can be found in the Security Manager User's Guide.

Internet connectivity is required to import vulnerability details from the NVD.

For first-time users, to upload the common vulnerabilities and exposures (CVE), complete the following steps.

  1. In Administration, on the toolbar click Risk Analyzer > Scanners.
  2. On the Risk Analyzer menu you will see a No Results Found message, click Import.
  3. In the Import Vulnerability Data dialog box, select either:
    • Import Method - National Vulnerability Database, and then click Import.
    • Choose file(s) and select the files to import, and then click Import.

    Files must have a .gz extension.

  4. You will see either a green upload success or red upload failed message appear on the screen.

After you have successfully imported the CVE from NVD, you will see the following Vulnerability Data Source table populate.

It could take up to 15 minutes to complete.

Vulnerability Data Source List
Value Description
Source National Vulnerability Database.
Vulnerability Definitions The number of vulnerability definitions retrieved.
Last Successful Update Timestamp of the last successful update from NVD.
New Scheduled Update When the next retrieval from NVD is scheduled.
Status In Progress, Successful or Failed retrieval attempt.
Action menu with options for tasks to complete at the vulnerability data source level.