[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [EXTERNAL] TRA-2021-14/CVE-2021-20095 status

It was an internal discussion about security boundaries that were(n't) crossed as a result of the vulnerability and the decision of the researcher who discovered the issue that a CVE wasn't warranted.

Regards,
Rajiv 

On Tue, Oct 19, 2021 at 9:31 PM Salvatore Bonaccorso <carnil@debian.org> wrote:
*** CAUTION: This email was sent from an EXTERNAL source. Think before clicking links or opening attachments. ***

Hi,

On Mon, Oct 18, 2021 at 09:58:31AM -0700, Rajiv Motwani wrote:
> Hi Sylvain,
>
> Those CVEs were registered in error and were requested to be listed as
> REJECTED. There are no plans to re-register these issues under new
> identifiers.

Out of interest, can you elaborate on this a bit more? Was this
because the CVE assignement was not done from the CNA covering the
product in its scope or other reasons?

Regards,
Salvatore



--

Rajiv Motwani | Senior Director of Research, Vulnerability Detection
Tenable
7021 Columbia Gateway Drive, Suite 500
Columbia, MD 21046
rmotwani@tenable.com
M: +1 (978) 875-3486
tenable.com
Reply to: