all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

A Clarification on CVE Records with a DISPUTED Tag

Add to bookmarks
Jan. 30, 2024, 10:04 p.m. | CVE Program Blog

Stories by CVE Program Blog on Medium medium.com

By Shannon Sabens, CVE Board member and Outreach and Communications Working Group (OCWG) Co-Chair

Several years ago, it was clear to the CVE Board that we would need a specific process for the inevitable disputes that may arise around vulnerability reporting. Potential scenarios may be obvious to many, but a basic example would be when a finder reports a potential vulnerability to a vendor/maintainer that agrees a bug exists but disagrees that it’s a potential security hole.

CVE Record Dispute …

cybersecurity information security infosec vulnerability vulnerability management

Visit resource

More from medium.com / Stories by CVE Program Blog on Medium

CNA Rules Version 4.0 Update and Transition 9 hours ago | medium.com
authority board board members cna +20
Support for Legacy CVE Download Formats to End on June 30, 2024 6 days, 19 hours ago | medium.com
csv cve cybersecurity download +12
We Speak CVE Podcast — “Swimming in Vulns (or, Fun with CVE Data Analysis)” 1 week ago | medium.com
cybersecurity information security information technology vulnerability +1
New CVE Record Format Enables Additional Data Fields at Time of Disclosure 1 week, 4 days ago | medium.com
cve cybersecurity data disclosure +14
We Speak CVE Podcast — “Meet the 3 New CVE Board Members” 4 weeks ago | medium.com
cybersecurity information security information technology vulnerability +1
Our CVE Story: Ericsson’s Journey as a CVE Numbering Authority (CNA) 1 month ago | medium.com
authority authors cna cve +26
We Speak CVE Podcast — “CVE Records States and Tags” 1 month, 1 week ago | medium.com
cybersecurity information security information technology vulnerability +1
Get Ready for “CVE/FIRST VulnCon 2024” on March 25–27, 2024! 1 month, 2 weeks ago | medium.com
carolina center cve cybersecurity +18
CVE Program Report for Quarter 4 Calendar Year (Q4 CY) 2023 1 month, 2 weeks ago | medium.com
cybersecurity information security information technology vulnerability +1

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information Security Problem Manager

@ Deutsche Bank | Bucharest
View on infosec-jobs.com

Information System Security Officer

@ Booz Allen Hamilton | USA, VA, Chantilly (15009 Conference Ctr Dr)
View on infosec-jobs.com

Senior Account Executive - Cybersecurity

@ OpenText | Virtual, CA
View on infosec-jobs.com

Grants Compliance Senior Specialist

@ Plan International | Bamako, Mali
View on infosec-jobs.com

Sr. Cybersecurity Engineer- Tenable

@ phia, LLC | Arlington, VA
View on infosec-jobs.com

Portfolio Manager- Enterprise Information Security Auditing

@ American Chemical Society | Columbus, OH, US, 43202
View on infosec-jobs.com
View more jobs