CNAs and CVEs – Can allowing vendors to assign their own vulnerability IDs actually hinder security?

Discussion in 'other security issues & news' started by mood, Nov 3, 2020.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    38,160
    CNAs and CVEs – Can allowing vendors to assign their own vulnerability IDs actually hinder security?
    ‘If the organization is a CNA, they seem to get control over what vulnerabilities do or do not get CVE numbers’
    November 3, 2020

    https://portswigger.net/daily-swig/...wn-vulnerability-ids-actually-hinder-security
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.