UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

ITU-T X.1520

Common vulnerabilities and exposures

active, Most Current
Buy Now
Organization: ITU-T
Publication Date: 1 January 2014
Status: active
Page Count: 22
scope:

This Recommendation on the use of the common vulnerabilities and exposures provides a "structured means" for the global exchange of publicly known, mature vulnerabilities and exposures information that are detected by security tools or otherwise become public. This "structured means" is often referred to as "CVE compatibility" and defines the correct use of CVE. An information security vulnerability is a mistake in software that can be directly used by a hacker to gain access to a system or network. An information security exposure is a mistake in software that allows access to information or capabilities that can be used by a hacker as a stepping-stone into a system or network. The assignment of CVE identifiers is not within the scope of this Recommendation.

Recommendation ITU-T X.1520 has been developed on a collaborative basis with the MITRE Corporation, bearing in mind the importance of maintaining, to the extent possible, technical compatibility between Recommendation ITU-T X.1520 and the "Requirements and Recommendations for CVE Compatibility", 30 June 2013, available at https://cve.mitre.org/compatible/Requirements_for_CVE_Compatibility_V1.3.pdf.

Document History

ITU-T X.1520
January 1, 2014
Common vulnerabilities and exposures
This Recommendation on the use of the common vulnerabilities and exposures provides a "structured means" for the global exchange of publicly known, mature vulnerabilities and exposures information...

References

This document references:
ITU-T X.1500.1 - Procedures for the registration of arcs under the object identifier arc for cybersecurity information exchange
Published by ITU-T on March 1, 2012
This Recommendation specifies the procedures for operating the registration of OID arcs to identify cybersecurity information, organizations exchanging that information, and associated policies under...
This document is referenced by:
ITU-T X.1546 - Malware attribute enumeration and characterization
Published by ITU-T on January 1, 2014
This Recommendation provides a structured means to promote open and publicly available security content about malware and malware behaviours, and to standardize the transfer of this information...
This document is referenced by:
ITU-T X.1211 - Techniques for preventing web-based attacks
Published by ITU-T on September 1, 2014
This Recommendation provides techniques for preventing web-based attacks. It describes the use scenarios to distributing malwares through the web as well as the functional techniques and functions to...
This document is referenced by:
ITU-T X.1525 - Common weakness scoring system
Published by ITU-T on April 1, 2015
This Recommendation provides a standardized approach for communicating the characteristics and impacts of weaknesses during development of ICT software capabilities using attack surface and...
This document is referenced by:
ISO/IEC DIS 30754 - Information technology - Software trustworthiness - Governance and management - Specification
Published by ISO on April 6, 2016
This International Standard provides a specification for software trustworthiness, that is intended to be a widely applicable approach that can be customised for any organization, and to software in...
This document is referenced by:
GS NFV-SEC 006 - Network Functions Virtualisation (NFV); Security Guide; Report on Security Aspects and Regulatory Concerns
Published by ETSI on April 1, 2016
The present document is a guide to developers of NFV related documents and applications in means to address the security aspects and regulatory concerns as they impact the security of deployed...
View Less
View All
Advertisement