Software_Vulnerability.csv
If you are using the Technology Intelligence Platform version of IT Visibility’s export, information in this section is not applicable to you. Instead, see IT Visibility Data Export Using Technology Intelligence Platform. To check whether you are using Technology Intelligence Platform or Pre-Technology Intelligence Platform version, go to the Data Export page (IT Visibility > Data Exports). If you see two buttons for exporting—a Create Export button and a Create Export (Beta) button—you are using a Pre-Technology Intelligence Platform version (export version 1 or version 2). If you only see the Create Export button, you are either on the Technology Intelligence Platform version or export version 3. For related information, see Upgrading to the Export Version 3 of IT Visibility.
This file contains information on software vulnerabilities.
| Column Position | Column Name | Type | Column Description |
|---|---|---|---|
| 1 | VulnerabilityTechnopediaGUID | UUID | The unique Technopedia ID for Software Vulnerability. |
| 2 | VulnerabilitySaID | String | The Secunia Advisory ID. |
| 3 | VulnerabilityTitle | String | The title of the associated advisory. |
| 4 | VulnerabilityStatus | Int64 | The current status of the vulnerability. |
| 5 | Revision | String | The revising status of the associated advisory. |
| 6 | DisclosureDate | String | The date of disclosure of the vulnerability. |
| 7 | DiscoveryDate | String | The date of discovery of the vulnerability. |
| 8 | ExploitPublishDate | String | The date of publish of the vulnerability exploit. |
| 9 | VulnerabilityCriticality | Int64 | The numeric score for the vulnerability's criticality, ranges from 1 - 5 where the smaller number the higher the criticality is. (It corresponds to EXPORTED CSV FILE attribute in SVM). |
| 10 | CriticalityLabel | String | The translation of the numeric score in criticality, where: 1: Extremely Critical,2: Highly Critical,3: Moderately Critical,4: Less Critical,5: Not Critical. |
| 11 | LanguageID | Int64 | The unique identifier for language. |
| 12 | Language | String | The language available for the vulnerability published. |
| 13 | TopPlace | String | The ranking of the most exploited vulnerabilities. |
| 14 | Solution | String | The translation of the numeric score in criticality, where: 1: Extremely Critical,2: Highly Critical,3: Moderately Critical,4: Less Critical,5: Not Critical. |
| 15 | SolutionStatus | String | The solution status of the associated vulnerability. |
| 16 | VulnerabilityCount | String | The total number of the vulnerability identified. |
| 17 | ReleasedDate | String | The date of release of the vulnerability. |
| 18 | CvssVector | String | The vector attribute according to Common Vulnerability Scoring System (CVSS). |
| 19 | Cvss3Score | String | The rating value according to CVSS. |
| 20 | CvssScore | String | The rating value according to CVSS. |
| 21 | Description | String | A text field containing the description of Secunia Advisory. It may contain the SAID itself. This attribute will potentially undergo further parsing in the future. |
| 22 | Others | Int64 | The other references, any additional, supporting/secondary links which explain/support the vulnerability. |
| 23 | ZeroDay | Int64 | The numeric indicator whether the vulnerability was exploited prior to disclosure, ranges from 0 - 1. 0=no, 1=y. |
| 24 | ThreatID | String | The unique identifier for the threat. |
| 25 | ThreatExploitScore | Int64 | The Composite score for the Security Advisory, calculated from various criteria and their associated values (as determined by their severity). The higher the threat score is, the more critical it is to pay more attention to. The following indicates the criticality for all possible ranges in the threat score:71 - 99: Very Critical 45 - 70: Critical 24 - 44: High 13 - 23: Medium1 - 12: Low 0 - 0: None See complete criteria and methods of calculation in SVM documentation here, with a few examples provided here. |
| 26 | VulnID | Int64 | The numeric characters from SAID (Secunia Advisory ID, unique identifier for Secunia Advisory). |
| 27 | WhereTypeID | String | The numeric indicator for where the vulnerability can be exploited from, ranges from 1 - 3. It corresponds to ATTACK VECTOR in SVM. |
| 28 | WhereTypeName | String | The translation of the numeric indicator in WHERE_TYPE_ID, where: 1: From remote, 2: From local network, 3: Local system. |
| 29 | OrgID | String | The unique identifier for the organization. |