[VIM] "CVENEW" messages to be posted to VIM during NVD outage

Jake Kouns jkouns at opensecurityfoundation.org
Wed Mar 13 15:45:59 CDT 2013


It seems like NVD has been having trouble with availability for the
last several weeks.  How many outage have they had and what is the
total duration at this point?

On Wed, Mar 13, 2013 at 4:35 PM, Christey, Steven M. <coley at mitre.org> wrote:
> As VIM subscribers probably know, the National Vulnerability Database
>
> (NVD) is having a temporary outage.  At http://nvd.nist.gov/, NIST
>
> says "We are working to restore service as quickly as possible."
>
>
>
> Many people rely on NVD feeds to learn about newly-updated CVEs.  The
>
> CVE web site does not provide such feeds, since that would duplicate
>
> NVD functionality.
>
>
>
> However, the CVE project sends notification emails for newly-updated
>
> CVEs to a limited set of CVE-compatible users, often several times a
>
> day.  Until NVD service is reliably restored, I will be posting these
>
> "CVENEW" messages to the Vulnerability Information Managers (VIM)
>
> list.  While they do not contain the extra data that NVD provides,
>
> such as CVSS and CPE names, hopefully this will help some people to
>
> monitor new CVEs.
>
>
>
> Note that the VIM list is not the place to post general vulnerability
>
> announcements; it is specifically designed for maintainers of
>
> vulnerability databases and information services.
>
>
>
>
>
> Regards,
>
> Steve Christey
>
> CVE Editor
>
>


More information about the VIM mailing list