Professional Documents
Culture Documents
Entity Relationship Diagram Schema
Overview:
This document contains the details of the database schema of ManageEngine
Vulnerability Manger Plus.
Database Details:
The basic database details such as data type, data storage format, and the data
description are explained in this document.
Supported Database:
PostgreSQL and MSSQL
Table Details:
Table Name Description
Vulnerability It contains vulnerability related details.
Table Name Description
VulToCVSSThree
CVSS 3.0 metrics for each vulnerability -
base score, temporal score and overall
score.
VulToCVSS
CVSS metrics for each vulnerability - base
score, temporal score and overall score.
VulToPatchRel Vulnerability Patch Relation. If the patchid
is missing, then the vulnerabilityid is valid
CVEDetails This table contains CVE details
CVETypes The different types of Vulnerabilities like -
Denial Of Service, Overflow, Execute Code,
CSRF etc
CVEToCVSS CVSS metrics for each CVE - base score,
temporal score and overall score
CVEToCVSSThree CVSS 3.0 metrics for each CVE - base
score, temporal score and overall score
VulToCVERel Gives the relation between vulnerabilities
and CVE ids
ResourceToVulnerability Mapping between the resourceID and
vulnerability ID. This data is populated
after the agent scan.
DeclinedResToVuln ResToVuln mapping for exempted
VulnerabilityIDs
ResVulAffProd This table stores the details of software
affected by vulnerability in a resource
AffectedVPatchStatus Mapping between the resourceID and
patch IDs with respect to vulnerabilities.
This data is populated after the agent
scan.
ResourceToVMSSoftware This table stores cumulative products that
are installed along with its version.
DeletedResToVuln ResToVuln mapping for exempted CVEs
and CVEs that got fixed in the agent scan
Table Name Description
DeletedAffVPatchStatus This is the table which stores the details
of patches related to the resource and
there status.
VMResProdVulCount ResourceSummary: Vulnerability Count
for each resource-product combination
VMResProdSummary Number of affected products in a
resource
VMResVulSummary ResourceSummary: Consolidated counts
of resource to vulnerability
VMResExpVulSummary ResourceSummary: Consolidated counts
of resource to exploitable vulnerability
VMResHealthSummary The health status of a resource
TechVulAffProd This table stores the details of software
affected by vulnerability in a network
TechAffVPatchStatus This table stores the missing patch count
in a network
TechVulAffSysCount VulnerabilitySummary: The number of
affected systems for a vulnerability id
TechVulPublishMatrix VulnerabilitySummary: Summary count by
publish age and severity for each
technician
TechVulAffDeviceCount VulnerabilitySummary: The number of
affected devices for a vulnerability id
TechVulDiscoverMatrix VulnerabilitySummary: Summary count by
discovery age and severity for each
technician
TechExpVulPublishMatrix Exploitable VulnerabilitySummary:
Summary count by publish age and
Table Name Description
severity for each technician
TechExpVulDiscoverMatrix Exploitable VulnerabilitySummary:
Summary count by discovery age and
severity for each technician
TechVulSummary Network Summary: Consolidated count of
Vulnerability Summary
TechExpVulSummary Exploitable Vulnerable Summary:
Consolidated count of Exp Vulnerability
TechVulDiscoverAge Network Summary: Consolidated count of
exploitable Vulnerability Summary
VulnSummaryParams Params to store the metadata about the
Vulnerability Manager Summary Handling
VulSummaryReqTechs Table which stores the technician with
customer that requires vulnerability
summary
VulSyncTime For new vulnerabilities count; Entry into
this, after every sync 24 hours show this
vuln
TechVulTrend To maintain the trend of vulnerability
counts in the technicians network.
Updated once in a day
VulHealthToSeverityCount Vulnerability health count based on
severity count
ResWebProdDetails This table stores the details of software
affected by vulnerability in a resource
Table Name Description
ResourceToWebHardening Mapping between the resourceID and
vulnerability ID. This data is populated
after the agent scan
ResourceToServerVulnerabilities Mapping between the resourceID and
vulnerability ID for web and DB servers.
This data is populated after the agent
scan.
DeclinedResToServerVuln ResToServerVuln mapping for exempted
VulnerabilityIDs
ResDBProdDetails This table stores the details of database
software affected by vulnerabilities in a
resource
DeclinedResToWebHardening ResToMC mapping for exempted
HARDENINGIDs
DeclinedResToMSSoftware ResToMC mapping for exempted
PRODUCTIDs
TechWebHardSysCount This table stores the details of software
affected by vulnerability in a network
DynamicCriticalThreatsDup This table holds the Zeroday vulnerability
data
VulnParams This table will contain the vulnberability
parameters. As the values would be in
Key-Value format, this table structure
captures the same. Based on the visibility
we can revisit this table later.
DeclinedVulnerabilities This table contains the Vulnerabilities that
are Declined.
Table Name Description
DeclinedMisConfigurations This table contains the MisConfigurations
that are Declined.
DeclinedHardening This table contains the Hardening's that
are Declined.
VMDeclinedApplications This table contains the Applications that
are Declined.
DeclinedThreatGroups This table contains details of User
Defined Groups.
DiscoveredNWDetails Dummy table to store the details of the
discovered network devices from nmap.
This data is populated after each network
discovery.
ManagedNWDevice This table will contain the details of all
managed network devices.
BranchMemberNWResourceRel This table contains the branch / network
device resource members relationship.
NWDeviceDetails Details of the scanned network devices.
This data is populated after each network
device scan.
NWDeviceHardwareInfo Hardware Details of the scanned network
devices. This data is populated after each
network device scan.
NWScanDetails This table contains the scan details of the
network devices
SnmpV1V2CredentialDetails This table represents SNMPV1V2
Credential details.
Table Name Description
SnmpV3CredentialDetails This table represents SNMPV3 Credential
details.
SSHCredentialDetails This table represents SSH Credential
details.
NWDeviceCredentialMapping This table represents Resource to
credential mapping.
NWResourcesInfo This table contains informations about
the mapped device id.
NWResourcesProtocol This table contains information about the
protocol combination selected by the user
to manage the Resource.
DCQueueNetworkDeviceServiceInfo This table contains the information about
the files from the Network Device scan
data. This queue is for storing the
Network Device scan data from local
office.
NetworkDevicesCGMeta This table contains the MetaData details
of Network Device Custom Groups
NWResourceToVulnerability Mapping between the resourceID and
vulnerability ID. This data is populated
after the network device scan.
UserNetworkDeviceMapping This table shows user&Network Device
CustomGroup relationship
NWDeployment Network device Deployment details.
Table Name Description
NWDeploymentDetails This table contains the patch deployment
details of the network devices
NWDeploymentToRORel This table contains deployment to Branch
office relationship.
NWDeploymentToDeviceMapping This table contains deployment to device
relationship.
NWDeploymentToCGMapping This table contains deployment to custom
group relationship.
DCUsersNWDeploymentMapping Contains the Method details
PatchToNetworkDeviceFileMapping This table contains patch to network
device file relationship.
PatchToNWDeploymentMapping This table contains patch to deployment
relationship.
NWVulSummaryReqTechs Table which stores the technician with
customer that requires Network device
vulnerability summary
VulToPlatform This table stores the relation between
Vulnerability and its corresponding
platform.
ResMCDetails Agent status of the misconfiguration
DeclinedResToMCDetails ResToMC mapping for exempted
MISCONFIGIDs
ResMCSummary This is summary table contains resource's
misconfiguration count.
Table Name Description
ResToRecurringMisconfig Agent status of the misconfigurations
that occur in the resource again
ResMCDeploymentDetails ResourceSummary - Last Deployment
Status for each resource
DupResMCAdminUsers This Table using after scanning
completed process in server side.
DupResMCAVStatus This Table using after scanning
completed process in server side.
DupResMCTPFirewallStatus This Table using after scanning
completed process in server side.
DupResMCFirewallStatus This Table using after scanning
completed process in server side.
DupResMCBitLockerStatus This Table using after scanning
completed process in server side.
DupResMCShareDetails This Table using after scanning
completed process in server side.
InstallMisconfigStatus This table contains misconfiguration
install status
ResMCAdminUsers Resource administration misconfiguration
status
ResMCAVStatus Resource with misconfiguration and anti
virus status
ResMCTPFirewallStatus Resource with misconfiguration third
party firewall status
ResMCFirewallStatus Resource with misconfiguration firewall
status
ResMCBitLockerStatus Resource misconfiguration with Bit locker
status
ResMCShareDetails Resource misconfiguration with share
details.
TechMCDetails Summary generation details of
misconfiguration details.
Table Name Description
TechDeviceMCDetails Summary generation details of network
device misconfiguration details.
TechMCGroupDetails MCSummary: Policy Summary on the
number of rules in a group are affected
MCSummaryReqTechs Table which stores the technician with
customer that requires vulnerability
summary
MCSummaryParams Params to store the metadata about the
Misconfiguration Manager Summary
Handling
ResourceToPortInfo This table stores information about each
listening ports in the system
TechPortInfo This table holds the summary generation
details of PortInfo
MCDeploymentTime This table holds the MC last deployment
time
UninstallSWStatus This table holds SW uninstall status
TechUninstallProducts Summary generation of uninstall details
of product
CommonlyUsedPorts This table contains port details commonly
used
DupResMCLinuxEncryptionStatus This table used after the scanning
completed in server side. This table data
populate from agent side
DupResMCLinuxSecurityModule This table used after the scanning
completed in server side. This table data
populate from agent side
ResMCLinuxEncryptionStatus What are the paths are encrypted. Those
Table Name Description
kinds of information this table hold
ResMCLinuxSecurityModule Linux machine whether it has security
enabled or not. This table holds this info
ResWebMCSummary This table contains Web misconfiguration
details
Schema Diagram: