CVE Compatibility Process (Archived)


NOTICE: The CVE Compatibility Program has been discontinued. The product listings included in this section have been moved to "archive" status.

MOVING FORWARD: Please follow these CVE Compatibility Guidelines to make your product or service "CVE Compatible."


Archived:


The CVE Compatibility Process allows organizations to complete and post a questionniare on the CVE website that explain in detail how their cybersecurity product(s) and service(s) include CVE Identifiers.

Products and services recognized as Officially CVE-Compatible, as well as those working towards compatibility, will be posted in the "CVE-Compatible Products and Services" section of the CVE website, and announced on the CVE News & Events page and in the CVE-Announce e-newsletter.

Phase 1 – The Declaration Phase:

  1. Review the "Requirements and Recommendations for CVE Compatibility" document.
  2. Review the existing declarations listed on the CVE-Compatible Products and Services section.
  3. Send an email to cve@mitre.org requesting the "CVE Compatibility Declaration Form."
  4. CVE Team sends you the declaration form.
  5. Complete and return the form to cve@mitre.org.
  6. Your declaration is posted in the Compatibility section on the CVE website.
  7. If CVE Output, CVE Searchability, and CVE Documentation responses are all "yes," proceed to phase 2. If not, wait and then notify the CVE Team when these are completed.

Phase 2 – The Questionnaire Phase:

  1. Upon completion of phase 1, send an email to cve@mitre.org requesting the "CVE Compatibility Questionnaire" form.
  2. Complete and return the questionnaire, along with copies of any supporting documentation, to cve@mitre.org.
  3. The completed questionnaire is posted and the organization is listed as "Officially CVE-Compatible" on the CVE website. The organization also receives authorization to use the CVE-Compatible Product/Service logo for the specified product(s) or service(s).

Contact Instructions

To begin the process, review the official CVE Compatibility Process detailed above then send an email to cve@mitre.org requesting the Declaration Form along with your company name and contact information, the type of product, and the name of the product or service.

You will receive specific instructions for completing and submitting additional information as the process continues.

Page Last Updated or Reviewed: September 26, 2017