What Changed
Updated the TenableVMVulnerabilities parser to map 30 additional vulnerability scoring fields that were present in ingested data but unmapped by the parser schema.
Parser Impact
The parser now extracts CVSS 4.0 scoring data and enhanced VPR v2 threat intelligence fields from vulnerability scan results:
CVSS 4.0 fields added:
- Base score and vector components (attack complexity, attack requirements, privileges required)
- System impact ratings (availability, confidentiality, integrity) for both vulnerable and subsequent systems
- Threat vector components including exploit maturity and threat scores
VPR v2 threat intelligence fields added:
- Enhanced VPR scoring (VPR v2 score, percentile, severity)
- Exploit intelligence (probability, code maturity, CISA KEV status)
- Threat activity indicators (news intensity, malware observation frequency)
- EPSS (Exploit Prediction Scoring System) score integration
Security Impact (Visibility & Fidelity)
Data fidelity gap closed: Queries referencing CVSS 4.0 metrics or VPR v2 threat intelligence fields against the TenableVMVulnerabilities parser previously returned null for all rows. Security teams using modern vulnerability prioritization workflows based on CVSS 4.0 or enhanced VPR scoring had incomplete risk assessment data.
The unmapped fields contained critical vulnerability prioritization intelligence including:
- Whether vulnerabilities appear on CISA’s Known Exploited Vulnerabilities list
- Real-world exploit activity and threat actor interest levels
- Modern CVSS 4.0 scoring that accounts for subsequent system impact
- EPSS scores for exploit likelihood prediction
This parser update restores access to this vulnerability prioritization data without requiring re-ingestion.
Affected Files
Solutions/Tenable App/Data Connectors/TenableVM/azuredeploy_Connector_TenableVM_AzureFunction.json
Solutions/Tenable App/Parsers/TenableVMVulnerabilities.yaml
(packaging artefacts: 3.1.2.zip, ReleaseNotes.md, mainTemplate.json)