CVE-ease Design Overview
1. Overview
Common Vulnerabilities and Exposures (CVEs) plays a vital role in ensuring system security and stability, making effective handling and management of CVE data essential. To address this, the CVE-ease vulnerability management system was developed, enabling real-time acquisition, management, and reporting of vulnerability information.
2. Key Features
CVE-ease provides the following core functionalities:
- Acquisition and analysis of CVE information
- Organization and storage of CVE data
- Access to historical and real-time CVE details
- Real-time tracking of CVE status
- Immediate broadcasting of CVE updates
3. Module Functions
3.1 CVE Acquisition
During operation, CVE-ease periodically scrapes CVE information from disclosure websites. Before scraping, the system scans the CVE database to create an index of existing CVE IDs and verify connectivity with CVE platforms. The process begins by retrieving the IDs of the latest disclosed CVEs, followed by fetching detailed descriptions based on these IDs. If the data is successfully retrieved, the process concludes. Otherwise, the system retries until successful.
3.2 CVE Information Organization and Storage
Scraped CVE data is structured and stored in a database according to predefined formats, with feature values calculated. If a scraped CVE ID is not present in the database, it is added directly. If the ID exists, the system compares feature values and updates the entry if discrepancies are found.
3.3 Viewing Historical and Real-Time CVE Information
Users can query specific CVE details through the interactive interface. By default, the system displays the 10 most recent CVEs. Users can customize queries to retrieve historical CVE data based on criteria such as CVE score or year.
