Publication Peer Review
Top Concerns With Vulnerability Data
Open Until: 10/10/2024
The cybersecurity landscape relies on managing vulnerabilities, with systems like the Common Vulnerabilities and Exposures (CVE) and the Common Vulnerability Scoring System (CVSS) playing pivotal roles. However, these systems are increasingly struggling to handle the growing complexity and volume of vulnerabilities, as demonstrated by the 2024 halt in CVE publication by the National Vulnerability Database (NVD). This paper highlights the critical shortcomings in vulnerability data management, such as outdated information, limited context, and inefficiencies in scoring. It also explores potential solutions to improve how vulnerabilities are tracked, scored, and prioritized to meet the demands of modern cybersecurity.