|
|
The information below replaces the Product Coverage and Sources list:
The “Request a CVE ID” form in the CVE Request Web Form is primarily intended for vulnerabilities in any product from any vendor that is not currently participating as a CVE Numbering Authority (CNA). For the web form, you may enter any vendor name that is NOT on this list.
However, the “Request a CVE ID” option in the web form may also be used for cases where the vendor is a participating CNA, you have already sent a request to the vendor CNA, and you believe (because of the vendor’s response or the amount of elapsed time) that you have a valid reason to escalate the request. For more information about escalations, refer to the CNA Rules.
Each CNA has a different process for handling the CVE ID requests that it receives. To learn more about what you should expect after sending your request, see the Disclosure Policy link for the responsible CNA; this link can be found in the “CNA Contact Email and/or Webpage” column of the Participating CNAs table on the Request CVE IDs page.