CVE dictionary contains more than 2,000 entries

CVE dictionary contains more than 2,000 entries

The Common Vulnerabilities and Exposures lexicon, developed by Mitre Corp. of Bedford, Mass., to bring order to IT security, has grown to include more than 2,000 entries.

The lexicon, found at cve.mitre.org, standardizes names and descriptions of known information security problems, making it easier for organizations to share data and for security tools to interoperate. Development began three years ago when there was no common way to identify or define the security exposures known at that time.

'When we started in 1999, there were 321 entries on the list. Now there are 2,032, plus an additional 1,994 candidates being reviewed,' CVE project leader Margie Zuk said.

Nearly 50 commercial, academic and government organizations, including the National Institute of Standards and Technology, have adopted the CVE, and 75 vendors of network security products and services have announced that they will conform to the lexicon.

The list of top 20 Internet security vulnerabilities published by the FBI and SANS Institute also follows the CVE lexicon.

About the Author

William Jackson is a Maryland-based freelance writer.

inside gcn

  • Congressman sees broader role for DHS in state and local cyber efforts

    Automating the ATO

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group