|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Should be a CVE?
- To: "cve-editorial-board-list@lists.mitre.org" <cve-editorial-board-list@lists.mitre.org>
- Subject: Should be a CVE?
- From: "Waltermire, David A. (Fed)" <david.waltermire@nist.gov>
- Date: Tue, 12 Sep 2017 19:19:46 +0000
- Accept-language: en-US
- Authentication-results: spf=none (sender IP is 129.83.29.2) smtp.mailfrom=LISTS.MITRE.ORG; mitre.mail.onmicrosoft.com; dkim=none (message not signed) header.d=none;mitre.mail.onmicrosoft.com; dmarc=none action=none header.from=nist.gov;
- Delivery-date: Tue Sep 12 15:57:46 2017
- List-help: <mailto:LISTSERV@LISTS.MITRE.ORG?body=INFO%20CVE-EDITORIAL-BOARD-LIST>
- List-owner: <mailto:CVE-EDITORIAL-BOARD-LIST-request@LISTS.MITRE.ORG>
- List-subscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-subscribe-request@LISTS.MITRE.ORG>
- List-unsubscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-unsubscribe-request@LISTS.MITRE.ORG>
- Sender: <owner-cve-editorial-board-list@lists.mitre.org>
- Spamdiagnosticmetadata: 5952c28dcc454f0789fb433d26f936ef
- Spamdiagnosticoutput: 1:2
- Thread-index: AdMr+xKdVI7ZMURKTvWrOLZub/VO9A==
- Thread-topic: Should be a CVE?
Looking at the following, it appears that a CVE was issued for the potential that someone might upgrade software to a vulnerable version, which has another CVE. I don't think this should qualify as a CVE, given the actual vulnerability already has one. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5698 Should this CVE be rejected? Regards, Dave
- Follow-Ups:
- RE: Should be a CVE?
- From: Beverly Finch <beverlyfinch@lenovo.com>
- Re: Should be a CVE?
- From: Art Manion <amanion@cert.org>
- RE: Should be a CVE?
- Prev by Date: CNA Rules Revision Phase 2 - Week 6
- Next by Date: RE: Should be a CVE?
- Previous by thread: CNA Rules Revision Phase 2 - Week 6
- Next by thread: RE: Should be a CVE?
- Index(es):