CVMAP

REPRINTED FROM NVD - CVMAP (nist.gov)

As the CVE program has matured and evolved over time, a growing volume of CVE publication has shown that new systems of maintenance are needed to provide these data points in a timely fashion while maintaining consistency and quality. To support this need, the NVD initiated a new program for the submission of CVE metadata from CVE Numbering Authorities (CNAs) and Authorized Data Providers (ADPs), dubbed CVMAP.

Driven by data provided to the CVE List by CNAs and ADPs,the NVD will assess all information provided and associate metadata. If the information provided is consistent with the NVD staff assessment, the data providers will be able to increase their acceptance level for the submission category provided.

Once a data provider reaches the acceptance level of Provider, their information will instead be audited less often and immediately published to the website and data feeds. This program will result in more consistent practices across the information security communicty when providing standards and text-based information, alleviate the strain caused by the growing volume of CVE publications on NVD staff, and continue to retain consistency and quality of information for all consumers of CVE data.

For more detailed information regarding CVMAP, please review NIST.IR 8246.

Comprehensive detail will be published by eruditeMETA on an internal link. This entry will be updated  as the information is posted.

Until such time, please click Learn More below.