This is a potential security issue, you are being redirected to http://nvd.nist.gov
Last updated: 10/30/2014 12:41:26 PM
CVE Publication rate: 47.07
NVD provides four mailing lists to the public. For information and subscription instructions please visit
NVD Mailing Lists
Yes. You may begin participating by working with NIST on developing checklists for submission to the repository.
If you are interested in participating, please contact NIST; you can be placed on a mailing list for announcements and NIST can answer any questions you have and provide assistance as necessary. Please see the Contact page for further information on contacting NIST or download the participation materials.
NIST Special Publication 800-70: Security Configuration Checklists for IT Products Program contains details and instructions for new checklist development. The basic steps for checklist development are as follows:
The checklist documentation should contain the following:
For more specific details and procedures, download and read NIST Special Publication 800-70: Security Configuration Checklists for IT Products Program or contact NIST.
Existing checklists should be submitted to NIST along with a completed checklist description form (a blank version is available from this site; see the next question). Existing checklists that are created and supported by IT product vendors do not necessarily require a public review, however this will be determined on a case-by-case basis.
The checklist description describes various aspects of a checklist; the descriptions fields are accessible via the checklist repository so that users can browse and select checklists. You can download a blank checklist description form, complete its fields, and then return it along with the checklist and other related material to NIST. Refer to the participation materials.
Checklist producers, e.g., vendors, will be able to use the checklist program logo on product literature or websites to show participation in the NIST program and ownership of a checklist on the repository. To use the logo, the producer must provide assistance or support to its product users (as per its customary support agreements) who use the checklist; i.e., use of the checklist cannot void product warranties or support agreements. The logo does not convey NIST endorsement or support of the checklist or IT product. See the participation and logo usage agreement for more details.
Please send comments if your questions were not answered here.
& Privacy Statement / Security Notice
Send comments or suggestions to firstname.lastname@example.org
NIST is an Agency of the U.S. Department of Commerce
Full vulnerability listing