NVD/CVE Integration
Ravenscan correlates detected services and versions against the National Vulnerability Database for comprehensive CVE coverage.
Overview
After service detection and version fingerprinting, Ravenscan queries its local CVE database to identify known vulnerabilities. The database is updated automatically from NIST NVD, CISA KEV, and EPSS feeds.
Data sources
NIST NVD
Full CVE database with CPE matching. Version-to-CVE correlation for ~200 products including OpenSSH, Apache, Nginx, MySQL, PostgreSQL, Redis, MongoDB, Elasticsearch, Docker, Kubernetes and more. Updated daily via NVD 2.0 API.
CVSS v3.1 scoring
Each CVE includes the CVSS v3.1 base score, vector string and severity rating (Critical, High, Medium, Low). Environmental and temporal metrics are supported for Enterprise customers.
EPSS probability
Exploit Prediction Scoring System: probability (0-1) that a vulnerability will be exploited in the next 30 days. Helps prioritize patching by real-world risk, not just CVSS score.
CISA KEV
Known Exploited Vulnerabilities catalog (~1,100 CVEs). Flags vulnerabilities actively exploited in the wild with date_added and remediation due date. These always appear as Critical priority.
Configuration
- Automatic updates — The CVE database updates daily in the background. No configuration required.
- Offline mode — For air-gapped deployments, download the database bundle from the customer portal and import via ravenscan db import.
- NVD API key (optional) — Provide an NVD API key in Settings → Integrations for higher rate limits (50 req/s vs 5 req/s without key).
- Custom CVE rules — Add internal vulnerability definitions for proprietary software using YAML templates.
Scan output
For each detected vulnerability, Ravenscan provides:
- CVE ID and description
- CVSS v3.1 score and vector
- EPSS probability and percentile
- CISA KEV flag (if applicable)
- Affected product and version range
- Remediation: upgrade version, patch reference, workaround
- References: NVD, vendor advisory, exploit-db
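The following is an added example, not Ravenscan code or its output schema: it shows how the KEV flag, CVSS v3.1 severity and EPSS probability listed above can be combined into one patching order. The Finding record, its field names, the placeholder CVE IDs and the tie-break inside a priority band (EPSS first, then CVSS) are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Finding:
    # Hypothetical record shape; field names are assumptions, not Ravenscan's schema.
    cve_id: str
    cvss: float   # CVSS v3.1 base score, 0.0-10.0
    epss: float   # EPSS probability, 0-1
    kev: bool     # True if the CVE is listed in CISA KEV

def cvss_severity(score: float) -> str:
    """Map a CVSS v3.1 base score to its qualitative severity rating."""
    if not 0.0 <= score <= 10.0:
        raise ValueError(f"CVSS score out of range: {score}")
    if score == 0.0:
        return "None"
    if score < 4.0:
        return "Low"
    if score < 7.0:
        return "Medium"
    if score < 9.0:
        return "High"
    return "Critical"

RANK = {"Critical": 0, "High": 1, "Medium": 2, "Low": 3, "None": 4}

def priority(f: Finding) -> str:
    # KEV-listed CVEs are treated as Critical regardless of their CVSS score.
    return "Critical" if f.kev else cvss_severity(f.cvss)

def triage(findings):
    """Sort by priority band, then EPSS (highest first), then CVSS (assumed tie-break)."""
    for f in findings:
        if not 0.0 <= f.epss <= 1.0:
            raise ValueError(f"EPSS out of range for {f.cve_id}: {f.epss}")
    return sorted(findings, key=lambda f: (RANK[priority(f)], -f.epss, -f.cvss))

# Constructed sample findings with placeholder CVE IDs (not real vulnerabilities).
SAMPLE = [
    Finding("CVE-0000-0001", 9.8, 0.02, False),
    Finding("CVE-0000-0002", 6.5, 0.91, True),
    Finding("CVE-0000-0003", 7.5, 0.40, False),
    Finding("CVE-0000-0004", 9.1, 0.65, False),
    Finding("CVE-0000-0005", 5.3, 0.88, False),
]

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"{priority(f):8} {f.cve_id} cvss={f.cvss} epss={f.epss} kev={f.kev}")
```

In the sample, the KEV-listed Medium-severity finding sorts ahead of a 9.8 CVSS finding with low EPSS, while a Medium finding with high EPSS but no KEV listing stays in its CVSS band.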