For more security –
Hallo Welt! is now a CVE Numbering Authority
23. June 2022
Hallo Welt! has taken an important step to providing more security and transparency to our community and customers. We have been authorized by the CVE Program as a CVE Numbering Authority (CNA).
This means we can now add any security issues with BlueSpice to a central, publicly available database. This helps our users and automated security checkers to identify vulnerable versions of BlueSpice, assess the severity, and obtain information on how to fix the issues.
In the process of getting authorized, we have also reworked our security disclosure infrastructure. There is now a policy for disclosure of vulnerabilities as well as a list of security advisories for our product.
We highly appreciate the work of the CVE community and team and we are proud to be part of a program that increases the security of software development and usage.
What is CVE?
The CVE Program is an international, community-based effort and relies on the community to discover vulnerabilities, which are discovered then assigned and published to the CVE List. This list is built by CVE Numbering Authorities (CNAs) and enables program stakeholders to rapidly discover and correlate vulnerability information used to protect systems against attacks.
Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities.
The CVE Board, which drives the direction of the CVE Program, consists of industry, academic, and government representatives from around the world. CVE Working Groups develop the program’s policies (approved by the CVE Board) and are open to the community.
Share This Story, Choose Your Platform!
Except where otherwise noted, news on this site is licensed under a Creative Commons Attribution 4.0 International license. |