CVE - CVE Adoption Program

About CVE

Terminology
Documents
FAQs
CVE List

About CVE Identifiers
Obtain a CVE Identifier
Search CVE
Search NVD
CVE In Use

CVE Adoption
CVE-Compatible Products
NVD for CVE Fix Information
More . . .
News & Events

Calendar
Free Newsletter
Community

CVE Editorial Board
Sponsor
Contact Us

Search the Site

CVE Adoption Program

CVE Compatibility
What It Means to Be Compatible
Process
Requirements
Benefits

Compatible Products and Services

Declarations to Be Compatible
Organizations Participating
Product List
Country List
Product Type List
CVE Identifiers in Advisories
Make a Declaration

Items of Interest

FAQs

CVE Adoption Program

MITRE has partnered with the U.S. National Institute of Standards and Technology (NIST) to replace the CVE Compatibility program with two independent but complementary efforts, a "CVE Adoption Program" managed by MITRE and the "Security Content Automation Protocol (SCAP) Validation Program" managed by NIST.

This new combined process will allow MITRE to focus more exclusively on directly advancing the CVE standard as well as supporting organizations that have adopted or are adopting CVE, rather than on confirming adherence to compatibility requirements.

New Program Roll-Out

During the coming months the CVE Web site will be updated to reflect the new program. Products currently listed in the CVE Compatibility section will be moved into a new CVE Adoption section. Organizations with products registered as CVE-Compatible may continue to use the CVE-Compatible logo during the transition.

Detailed Description

For descriptions of how the two programs interrelate, including an overview of the new process from an adopting vendor’s perspective, please read The MITRE Adoption Programs and the NIST SCAP Validation Program (438k, PDF).

Feedback

Please send any comments or concerns to cve@mitre.org.

Page Last Updated: March 16, 2009