Cyver Core supports importing findings and reports from Pentest Tools in JSON format. You can import results into Cyver, including vulnerabilities across network infrastructure and web applications, as well as associated assets and recommendations identified by the tool.
Export your Pentest Tools results in JSON format to manually import into Cyver Core — or automate the scan imports using the API.
Pentest Tools - Network Scanner JSON
Findings Field Mapping
| Field | Values | Fields |
| Code | Affects | |
| Title | { "name": "Missing Subresource Integrity" } | |
| Type | Vulnerability Observation | { "type": "vulnerability" } |
| Assets | ||
| Description | { "test_description": "Checking for Oracle WebLogic Server - Remote Code Execution (CVE-2020-2551) on port 7001" } | |
| Occurrence | New Occurrence Reoccurrence | |
| Labels | ||
| Severity | Info Low Medium High Critical default: Info | { "risk_level": "4" } |
| CVSS20Score | { "cvss_v2": "-1" } | |
| CVSS20Vector | ||
| CVSS30Score | { "cvss_v3": "9.2" } | |
| CVSS30Vector | ||
| CVSS31Score | ||
| CVSS31Vector | ||
| CVSS40Score | ||
| CVSS40Vector | ||
| Impact | 0 1 2 3 4 5 default: 0 | |
| ImpactDescription | ||
| Likelihood | 0 1 2 3 4 5 default: 0 | |
| LikelihoodDescription | ||
| VulnerabilityTypes | DoS CodeExecution Overflow MemoryCorruption SqlInjection XSS DirectoryTraversal HttpResponseSplitting BypassSomething GainInformation GainPrivileges CSRF FileInclusion | |
| CWEList | for example: CWE-1; CWE-721 | { "vuln_cwe": "N/A" } |
| CVEList | for example: CVE-1; CVE-721 | { "vuln_cve": "CVE-2020-2551" } |
| MITRE ATT&CK Techniques | ||
| MITRE ATT&CK Mitigations | ||
| MITRE ATT&CK Tactics | ||
| Controls | ||
| Compliance Status | ||
| Compliance Comment | ||
| BackgroundInformation | ||
| Recommendation | { "recommendation": "Apply the latest security patches provided by Oracle to mitigate this vulnerability." } | |
| External References | { "vuln_references": "<a href='https://github.com/hktalent/CVE-2020-2551' target='_blank' rel='external noopener noreferrer nofollow'>https://github.com/hktalent/CVE-2020-2551</a>\n<a href='https://nvd.nist.gov/vuln/detail/CVE-2020-2551' target='_blank' rel='external noopener noreferrer nofollow'>https://nvd.nist.gov/vuln/detail/CVE-2020-2551</a>\n<a href='https://www.oracle.com/security-alerts/cpujan2020.html' target='_blank' rel='external noopener noreferrer nofollow'>https://www.oracle.com/security-alerts/cpujan2020.html</a>\n<a href='https://github.com/neilzhang1/Chinese-Charts' target='_blank' rel='external noopener noreferrer nofollow'>https://github.com/neilzhang1/Chinese-Charts</a>\n<a href='https://github.com/pjgmonteiro/Pentest-tools' target='_blank' rel='external noopener noreferrer nofollow'>https://github.com/pjgmonteiro/Pentest-tools</a>\n" } | |
| Status | Draft PendingFix Fixed ReadyRetest Accepted ToReview Reviewed default: Draft | |
| Evidence Title | { "vuln_id": "NETSCAN-NUCLEI-CVE-CVE-2020-2551" } | |
| Evidence Location | { "vuln_evidence": { "request_response_data": { "value": "https://ptt.eu-central-1.linodeobjects.com/ptt-network/d8bba0f3b45eb81.txt" } } } | |
| Evidence Version | ||
| Evidence Reproduction | ||
| Evidence Results | ||
| Evidence Issue Details |
Pentest Tools - Website Scanner JSON
Findings Field Mapping
| Field | Values | Fields |
| Code | Affects | |
| Title | { "findings": [ { "name": "Missing Subresource Integrity" } ] } | |
| Type | Vulnerability Observation | { "findings": [ { "type": "vulnerability" } ] } |
| Assets | ||
| Description | { "findings": [ { "test_description": "Checking for Oracle WebLogic Server - Remote Code Execution (CVE-2020-2551) on port 7001" } ] } | |
| Occurrence | New Occurrence Reoccurrence | |
| Labels | ||
| Severity | Info Low Medium High Critical default: Info | { "findings": [ { "risk_level": "4" } ] } |
| CVSS20Score | { "findings": [ { "cvss_v2": "-1" } ] } | |
| CVSS20Vector | ||
| CVSS30Score | { "findings": [ { "cvss_v3": "9.2" } ] } | |
| CVSS30Vector | ||
| CVSS31Score | ||
| CVSS31Vector | ||
| CVSS40Score | ||
| CVSS40Vector | ||
| Impact | 0 1 2 3 4 5 default: 0 | |
| ImpactDescription | ||
| Likelihood | 0 1 2 3 4 5 default: 0 | |
| LikelihoodDescription | ||
| VulnerabilityTypes | DoS CodeExecution Overflow MemoryCorruption SqlInjection XSS DirectoryTraversal HttpResponseSplitting BypassSomething GainInformation GainPrivileges CSRF FileInclusion | |
| CWEList | for example: CWE-1; CWE-721 | { "findings": [ { "vuln_cwe": "N/A" } ] } |
| CVEList | for example: CVE-1; CVE-721 | { "findings": [ { "vuln_cve": "CVE-2020-2551" } ] } |
| MITRE ATT&CK Techniques | ||
| MITRE ATT&CK Mitigations | ||
| MITRE ATT&CK Tactics | ||
| Controls | ||
| Compliance Status | ||
| Compliance Comment | ||
| BackgroundInformation | ||
| Recommendation | { "findings": [ { "recommendation": "Apply the latest security patches provided by Oracle to mitigate this vulnerability." } ] } | |
| External References | { "findings": [ { "vuln_references": "<a href='https://github.com/hktalent/CVE-2020-2551' target='_blank' rel='external noopener noreferrer nofollow'>https://github.com/hktalent/CVE-2020-2551</a>\n<a href='https://nvd.nist.gov/vuln/detail/CVE-2020-2551' target='_blank' rel='external noopener noreferrer nofollow'>https://nvd.nist.gov/vuln/detail/CVE-2020-2551</a>\n<a href='https://www.oracle.com/security-alerts/cpujan2020.html' target='_blank' rel='external noopener noreferrer nofollow'>https://www.oracle.com/security-alerts/cpujan2020.html</a>\n<a href='https://github.com/neilzhang1/Chinese-Charts' target='_blank' rel='external noopener noreferrer nofollow'>https://github.com/neilzhang1/Chinese-Charts</a>\n<a href='https://github.com/pjgmonteiro/Pentest-tools' target='_blank' rel='external noopener noreferrer nofollow'>https://github.com/pjgmonteiro/Pentest-tools</a>\n" } ] } | |
| Status | Draft PendingFix Fixed ReadyRetest Accepted ToReview Reviewed default: Draft | |
| Evidence Title | { "findings": [ { "vuln_id": "NETSCAN-NUCLEI-CVE-CVE-2020-2551" } ] } | |
| Evidence Location | ||
| Evidence Version | ||
| Evidence Reproduction | ||
| Evidence Results | ||
| Evidence Issue Details |
Important Notes & Limitations
- The maximum number of findings that can be imported in a single upload is 5,000 findings.
- If your file exceeds this limit, the import may fail depending on the selected import options (e.g., aggregation settings or filtering by severity).