CERT-In authorized as CVE Numbering Authority (CNA)

By
Saurabh
-
0
283
MeitY
MeitY

Indian Computer Emergency Response Team ( CERT-In) has been undertaking responsible vulnerability disclosure and coordination for vulnerabilities reported to CERT-In in accordance to its vulnerability coordination role as a National CERT since its inception. To move a step further in the direction to strengthen trust in “Make in India” as well as to nurture responsible vulnerability research in the country, CERT-In has partnered with the Common Vulnerabilities and Exposures (CVE) Program. In this regard, Indian Computer Emergency Response Team (CERT-In) has been authorized by the CVE Program, as a CVE Numbering Authority (CNA) for vulnerabilities impacting all products designed, developed and manufactured in India.

CVE is an international, community-based effort and relies on the community to discover vulnerabilities. The vulnerabilities are discovered then assigned and published to the CVE List.  Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities.

The mission of the CVE Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. It is an international, community-based effort and relies on the community to discover vulnerabilities. The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities.

CNAs are organizations responsible for the regular assignment of CVE IDs to vulnerabilities, and for creating and publishing information about the Vulnerability in the associated CVE Record. The CVE List is built by CVE Numbering Authorities (CNAs). Every CVE Record added to the list is assigned by a CNA. The CVE Records published in the catalog enable program stakeholders to rapidly discover and correlate vulnerability information used to protect systems against attacks. Each CNA has a specific Scope of responsibility for vulnerability identification and publishing.

To disclose vulnerability to CERT-In or to learn more about responsible disclosure process, visit CERT-In website @ https://www.cert-in.org.in/RVDCP.jsp .

Previous articleHome Minister inaugurates National Conference on “Delivering Democracy- Two Decades of PM Modi as Head of Government
Next articleSense of smell is our most rapid warning system says Karolinska Institutet
Saurabh
Saurabh
Saurabh Sinha, Editor of IndianBureaucracy.com, is known for his credible, precise and insightful coverage of governance, civil services and administrative developments in India. Under his leadership, the portal has grown into a trusted national platform for accurate updates, appointments and policy movements within the bureaucratic ecosystem. Saurabh’s strong professional networking and deep understanding of government functioning enable him to present timely, reliable and well-contextualised information to readers across sectors. As a thought-driven editor, he promotes informed dialogue on governance reforms while maintaining high editorial standards. His calm, consistent and detail-oriented approach continues to strengthen the portal’s reputation. इंडियनब्यूरोक्रेसी.कॉम के संपादक सौरभ सिन्हा देश की नौकरशाही, शासन व्यवस्था और प्रशासनिक गतिविधियों की विश्वसनीय तथा संतुलित रिपोर्टिंग के लिए जाने जाते हैं। उनके नेतृत्व में यह पोर्टल नियुक्तियों, नीतिगत बदलावों और प्रशासनिक खबरों का एक भरोसेमंद राष्ट्रीय स्रोत बन चुका है। शासन तंत्र की गहरी समझ और मजबूत पेशेवर नेटवर्क के कारण सौरभ पाठकों को समयबद्ध, सटीक और संदर्भित जानकारी प्रदान करते हैं। एक विचारशील संपादक के रूप में वे सुशासन, पारदर्शिता और सुधारों पर सकारात्मक संवाद को बढ़ावा देते हैं। उनकी शांत, सूक्ष्म और पेशेवर संपादकीय शैली पोर्टल की प्रतिष्ठा को लगातार मजबूत कर रही है।
Linkedin