Sorry... I may have given you the wrong snippet of the JSON output. Here is the entire output from Kibana. I had to redact a few items but otherwise it's fully complete. Does your last post still apply?
{
"_index": "test_vulnerability-163",
"_type": "_doc",
"_id": "<REDACTED>-2457-183961",
"_version": 24,
"_score": 1,
"_ignored": [
"description.keyword"
],
"_source": {
"pci_status": "Fail",
"malware_kits": 0,
"last_assessed_for_vulnerabilities": "2022-02-04T06:57:43.822Z",
"cvss_availability_impact": "N",
"cvss_score": 3.5,
"pci_severity_score": 3,
"cvss_v3_confidentiality_impact": "L",
"cvss_v3_score": 4.800000190734863,
"cvss_vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"asset_id": 2457,
"os_certainty": 0.949999988079071,
"moderate": 0,
"cvss_impact_score": 2.8627498149871826,
"nvd": "https://www.rapid7.com/db/vulnerabilities/hp-ilo-cve-2021-29210",
"source_console": "<REDACTED>",
"cvss_integrity_impact": "P",
"dept_code": "<REDACTED>",
"@version": "1",
"title": "HP iLO: CVE-2021-29210: Cross-Site Scripting (XSS), Carriage Return Line Feed",
"os_type": "Lights Out Management",
"critical": 0,
"cvss_v3_integrity_impact": "L",
"description": "\n \n<p>A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.</p>\n ",
"data_type": "vulnerability",
"status": "Vulnerable version",
"exploit": 0,
"cvss_v3_scope": "C",
"os_description": "HP iLO 4",
"summary": "Upgrade HP iLO 4 to the latest version",
"solution_id": 6677,
"denial_of_service": false,
"port": null,
"service_line": "Undetermined",
"cvss_v3_attack_complexity": "L",
"temp": [
"2022-02-04T06:57:43.822Z"
],
"cvss_access_vector": "N",
"cvss_authentication": "S",
"date_published": "2021-05-19T00:00:00.000Z",
"cvss_access_complexity": "M",
"data_source": "nexpose",
"sites": "<REDACTED>",
"cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"date_found": "2021-10-02T06:28:29.661Z",
"@timestamp": "2022-02-04T15:35:42.044Z",
"service": null,
"cve": "CVE-2021-29210",
"host_name": null,
"pci_adjusted_cvss_score": 4,
"severity_score": 4,
"url": null,
"cvss_v3_user_interaction": "R",
"cvss_v3_impact_score": 2.7267508506774902,
"protocol": null,
"cvss_v3_exploit_score": 1.6677968502044678,
"risk_score": 59.95520782470703,
"date_last_seen": "2021-10-02T06:28:29.661Z",
"os_family": "iLO",
"mac_address": null,
"vulnerability_id": 183961,
"os_name": "iLO",
"severe": 1,
"pci_failures": 1,
"date_added": "2021-05-19T00:00:00.000Z",
"ip_address": "<REDACTED>",
"os_vendor": "HP",
"exploit_skill_level": null,
"malware_popularity": null,
"credential_status": "All credentials failed",
"date_modified": "2021-11-04T00:00:00.000Z",
"impacted_component": "hp-ilo",
"severity": "Severe",
"cvss_v3_attack_vector": "N",
"cvss_v3_availability_impact": "N",
"exploits": 0,
"key": "HP iLO 4",
"os_version": "4",
"cvss_exploit_score": 6.832000255584717,
"nexpose_id": "hp-ilo-cve-2021-29210",
"cvss_v3_privileges_required": "H",
"malware_kit": 0,
"pci_special_notes": "XSS vulnerabilities are a violation of the PCI DSS, and result in an automatic failure. Note this vulnerability's CVSS and severity scores have been modified to comply with PCI ASV program requirements. (Original NVD CVSS score: 3.5) ",
"proof": "<p><p>Vulnerable OS: HP iLO 4<p><ul><li>The property "firmware.version" contains: 2.70.</li></ul></p></p></p>",
"scan_type": "internal",
"os_system": "HP iLO",
"cvss_confidentiality_impact": "N",
"scan_history": [
"2022-02-04T06:57:43.822Z"
]
},
"fields": {
"dept_code": [
"<REDACTED>"
],
"data_source.keyword": [
"nexpose"
],
"pci_adjusted_cvss_score": [
4
],
"os_description": [
"HP iLO 4"
],
"cvss_v3_score": [
4.8
],
"cvss_vector.keyword": [
"AV:N/AC:M/Au:S/C:N/I:P/A:N"
],
"asset_id": [
2457
],
"nexpose_id": [
"hp-ilo-cve-2021-29210"
],
"os_version.keyword": [
"4"
],
"service_line.keyword": [
"Undetermined"
],
"pci_special_notes": [
"XSS vulnerabilities are a violation of the PCI DSS, and result in an automatic failure. Note this vulnerability's CVSS and severity scores have been modified to comply with PCI ASV program requirements. (Original NVD CVSS score: 3.5) "
],
"nexpose_id.keyword": [
"hp-ilo-cve-2021-29210"
],
"credential_status": [
"All credentials failed"
],
"cvss_confidentiality_impact": [
"N"
],
"date_published": [
"2021-05-19T00:00:00.000Z"
],
"source_console": [
"<REDACTED>"
],
"cvss_impact_score": [
2.8627498
],
"os_description.keyword": [
"HP iLO 4"
],
"last_assessed_for_vulnerabilities": [
"2022-02-04T06:57:43.822Z"
],
"cvss_v3_attack_complexity": [
"L"
],
"proof": [
"<p><p>Vulnerable OS: HP iLO 4<p><ul><li>The property "firmware.version" contains: 2.70.</li></ul></p></p></p>"
],
"cvss_access_vector": [
"N"
],
"moderate": [
0
],
"cvss_v3_integrity_impact": [
"L"
],
"vulnerability_id": [
183961
],
"cvss_v3_user_interaction": [
"R"
],
"pci_severity_score": [
3
],
"data_source": [
"nexpose"
],
"cvss_authentication": [
"S"
],
"date_added": [
"2021-05-19T00:00:00.000Z"
],
"malware_kits": [
0
],
"cvss_confidentiality_impact.keyword": [
"N"
],
"os_type": [
"Lights Out Management"
],
"cvss_v3_confidentiality_impact": [
"L"
],
"status": [
"Vulnerable version"
],
"cvss_score": [
3.5
],
"os_system.keyword": [
"HP iLO"
],
"pci_status": [
"Fail"
],
"cvss_v3_scope": [
"C"
],
"service_line": [
"Undetermined"
],
"credential_status.keyword": [
"All credentials failed"
],
"exploits": [
0
],
"pci_special_notes.keyword": [
"XSS vulnerabilities are a violation of the PCI DSS, and result in an automatic failure. Note this vulnerability's CVSS and severity scores have been modified to comply with PCI ASV program requirements. (Original NVD CVSS score: 3.5) "
],
"nvd.keyword": [
"https://www.rapid7.com/db/vulnerabilities/hp-ilo-cve-2021-29210"
],
"malware_kit": [
0
],
"cve": [
"CVE-2021-29210"
],
"os_family.keyword": [
"iLO"
],
"cvss_vector": [
"AV:N/AC:M/Au:S/C:N/I:P/A:N"
],
"cvss_v3_attack_vector": [
"N"
],
"cvss_v3_scope.keyword": [
"C"
],
"summary.keyword": [
"Upgrade HP iLO 4 to the latest version"
],
"cvss_v3_exploit_score": [
1.6677969
],
"os_certainty": [
0.95
],
"key": [
"HP iLO 4"
],
"impacted_component.keyword": [
"hp-ilo"
],
"os_vendor": [
"HP"
],
"os_version": [
"4"
],
"cvss_v3_attack_complexity.keyword": [
"L"
],
"cvss_v3_availability_impact": [
"N"
],
"date_last_seen": [
"2021-10-02T06:28:29.661Z"
],
"@timestamp": [
"2022-02-04T15:35:42.044Z"
],
"severe": [
1
],
"os_name": [
"iLO"
],
"cve.keyword": [
"CVE-2021-29210"
],
"exploit": [
0
],
"severity_score": [
4
],
"key.keyword": [
"HP iLO 4"
],
"scan_type": [
"internal"
],
"sites": [
"<REDACTED>"
],
"pci_failures": [
1
],
"cvss_access_complexity": [
"M"
],
"solution_id": [
6677
],
"severity.keyword": [
"Severe"
],
"cvss_access_complexity.keyword": [
"M"
],
"os_vendor.keyword": [
"HP"
],
"title.keyword": [
"HP iLO: CVE-2021-29210: Cross-Site Scripting (XSS), Carriage Return Line Feed"
],
"os_name.keyword": [
"iLO"
],
"cvss_v3_privileges_required": [
"H"
],
"pci_status.keyword": [
"Fail"
],
"cvss_v3_user_interaction.keyword": [
"R"
],
"scan_history": [
"2022-02-04T06:57:43.822Z"
],
"nvd": [
"https://www.rapid7.com/db/vulnerabilities/hp-ilo-cve-2021-29210"
],
"proof.keyword": [
"<p><p>Vulnerable OS: HP iLO 4<p><ul><li>The property "firmware.version" contains: 2.70.</li></ul></p></p></p>"
],
"cvss_availability_impact.keyword": [
"N"
],
"cvss_integrity_impact.keyword": [
"P"
],
"cvss_exploit_score": [
6.8320003
],
"@version.keyword": [
"1"
],
"cvss_v3_privileges_required.keyword": [
"H"
],
"os_system": [
"HP iLO"
],
"os_type.keyword": [
"Lights Out Management"
],
"cvss_availability_impact": [
"N"
],
"cvss_v3_attack_vector.keyword": [
"N"
],
"cvss_v3_confidentiality_impact.keyword": [
"L"
],
"os_family": [
"iLO"
],
"critical": [
0
],
"status.keyword": [
"Vulnerable version"
],
"cvss_v3_vector.keyword": [
"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"
],
"description": [
"\n \n<p>A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.</p>\n "
],
"title": [
"HP iLO: CVE-2021-29210: Cross-Site Scripting (XSS), Carriage Return Line Feed"
],
"source_console.keyword": [
"<REDACTED>"
],
"@version": [
"1"
],
"date_found": [
"2021-10-02T06:28:29.661Z"
],
"cvss_v3_integrity_impact.keyword": [
"L"
],
"scan_type.keyword": [
"internal"
],
"impacted_component": [
"hp-ilo"
],
"dept_code.keyword": [
"<REDACTED>"
],
"summary": [
"Upgrade HP iLO 4 to the latest version"
],
"severity": [
"Severe"
],
"temp": [
"2022-02-04T06:57:43.822Z"
],
"risk_score": [
59.955208
],
"cvss_authentication.keyword": [
"S"
],
"cvss_access_vector.keyword": [
"N"
],
"ip_address": [
"<REDACTED>"
],
"denial_of_service": [
false
],
"cvss_v3_availability_impact.keyword": [
"N"
],
"ip_address.keyword": [
"<REDACTED>"
],
"data_type.keyword": [
"vulnerability"
],
"cvss_v3_impact_score": [
2.7267509
],
"date_modified": [
"2021-11-04T00:00:00.000Z"
],
"data_type": [
"vulnerability"
],
"sites.keyword": [
"<REDACTED>"
],
"cvss_v3_vector": [
"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"
],
"cvss_integrity_impact": [
"P"
]
},
"ignored_field_values": {
"description.keyword": [
"\n \n<p>A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.</p>\n "
]
}
}