Skip to content

Security: Request CVE

Jen Lampton edited this page Nov 26, 2024 · 2 revisions

Request a CVE

  1. Fill out the form to request CVE IDs directly from the CVE Program Root CNA (currently MITRE)
  • Request type: Request a CVE ID
  • Your email address (use [email protected], or your own email)
  • Vulnerabiity type: pull this from the Vulnerability field on our SA
  • Vendor of the product(s): Backdrop CMS
  • Affected product(s)/code base:
    • Product: Backdrop CMS core
    • Version: pull this from the Versions affected field on our SA
  • Has vendor confirmed or acknowledged the vulnerability? YES (always)
  • Attack type: Remote (always)
  • Impact: only check these boxes if there are matching values in the Vulnerability field on our SA, otherwise tick 'Other'
    • Other impact: pull this from the Vulnerability field on our SA
  • Affected component(s): Usually "affected function".
  • Attack vector(s): Answer to the best of your ability
  • Suggested description of the vulnerability for use in the CVE: Copy the body from our SA
  • Discoverer(s)/Credits: copy from the Reported By field on our SA
  • Reference(s): Link to our SA, Link to drupal.org SA, other links as appropriate
  • Additional information: other info as appropriate

For an overview, visit the information page