NIST Enrichment Reductions Impact CVE Coverage, Accuracy
ID: 13602e55-3b5b-5fe8-be67-d1a29dd82c17
STIX ID: report--13602e55-3b5b-5fe8-be67-d1a29dd82c17
Feed Name: Dark Reading
Volerion's analysis of NVD data from April 15–June 15 finds that NIST's recent cutbacks to CVE enrichment left many accepted CVEs unanalyzed or delayed, reduced the number of NIST-produced CVSS vectors, and produced score and vector inconsistencies compared with CNAs and vendor assessments; the report highlights operational impacts for vulnerability prioritization (including FedRAMP reliance), provides examples of significant scoring disagreements, and recommends organizations adopt richer contextual prioritization and alternative enrichment sources.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
