Which organization maintains the Common Vulnerabilities and Exposures (CVE) repository?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which organization maintains the Common Vulnerabilities and Exposures (CVE) repository?

Explanation:
MITRE Corporation maintains the CVE repository. CVE provides a universal identifier for publicly known vulnerabilities, and MITRE runs the CVE List along with the process for issuing new CVEs, ensuring one consistent ID per vulnerability across disclosures. The National Vulnerability Database, run by NIST, is a separate catalog that aggregates CVEs and adds metrics like CVSS scores and references, but it relies on the CVE identifiers created and maintained by MITRE. CERT/CC and IEEE are not responsible for maintaining the CVE list.

MITRE Corporation maintains the CVE repository. CVE provides a universal identifier for publicly known vulnerabilities, and MITRE runs the CVE List along with the process for issuing new CVEs, ensuring one consistent ID per vulnerability across disclosures. The National Vulnerability Database, run by NIST, is a separate catalog that aggregates CVEs and adds metrics like CVSS scores and references, but it relies on the CVE identifiers created and maintained by MITRE. CERT/CC and IEEE are not responsible for maintaining the CVE list.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy