NIST NVD
========

NIST_NVD
--------

.. rubric:: Details

===========================  ==========================================================
Author                       Energy SOAR
Version                      1.0
License                      AGPL-V3
Requires Registration        No
Requires Subscription        No
Free Subscription Available  Yes
DataType Supported           other, cve
Service Homepage             `NIST NVD <https://nvd.nist.gov/>`_
===========================  ==========================================================

.. rubric:: Description

Use the NIST National Vulnerability Database for CVE enrichment in Energy SOAR investigations.
The analyzer can retrieve CVE metadata, CVSS scores, affected products, references and publication or modification dates using the NVD API.

.. rubric:: Configuration

===========================  ===========================================================
Name                         Description
base_url                     NVD API URL
api_key                      Optional NVD API key for higher-rate access
verify_ssl                   Verify server certificate
include_cpe                  Include affected product and CPE information in the result
===========================  ===========================================================

.. rubric:: Additional details

Typical use cases include:

* retrieving authoritative details for a CVE identifier
* enriching vulnerability findings imported from scanners
* validating severity and affected product context during triage