[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New CNA - Booz Allen Hamilton

Why do we have Board calls if what is discussed on the calls are just ignored?  I personally feel there were serious issues discussed with these types of CNAs but yet here we are with the Board comments totally ignored and the focus of the discussion now a CNA? We specifically discussed BAH and multiple Board Members had issues. 


I personally do NOT want a slew of beltway bandits lining up with “me-too” requests. This type of CNA is NOT helpful to CVE, as discussed on the Board call.


But that’s ok, no one will listen yet again to the thoughts and comments of Board members.



Kent Landfield





From: <owner-cve-editorial-board-list@lists.mitre.org> on behalf of "Adinolfi, Daniel R" <dadinolfi@mitre.org>
Date: Monday, November 6, 2017 at 1:13 PM
To: cve-editorial-board-list <cve-editorial-board-list@lists.mitre.org>
Subject: New CNA - Booz Allen Hamilton




Booz Allen Hamilton is now a CNA. Their scope is all Booz Allen Hamilton products as well as vulnerabilities in third-party software discovered by Booz Allen Hamilton that are not covered by another CNA.


Note, though we discussed the concerns related to too many new CNAs being on-boarded during last week's Board meeting, BAH was in the queue and had requested their participation many weeks ago.


Their public contact point is CVE@bah.com.






Daniel Adinolfi, CISSP

Lead Cybersecurity Engineer, The MITRE Corporation

CVE Numbering Authority (CNA) Coordinator

Email: <dadinolfi@mitre.org>  Phone: 781-271-5774




Page Last Updated or Reviewed: November 06, 2017