To commemorate the 25th anniversary of the Common Vulnerabilities and Exposure (CVE) Program, Tenable developed a blog post spotlighting some of the most significant CVEs over the past 25 years, including BlueKeep, Heartbleed, EternalBlue, CVE-2017-5638 (the Apache Struts vuln that lead to the 2017 Equifax breach), among others. Full blog can be read here: https://www.tenable.com/blog/from-bugs-to-breaches-25-significant-cves-as-mitre-cve-turns-25
Below is what Satnam Narang, Senior Staff Research Engineer, Tenable, has to say on the Common Vulnerabilities and Exposure (CVE) Program.
“The launch of the MITRE CVE Program was an important step in the identification and management of vulnerabilities. Its adoption and the continued slew of CVEs being assigned each year is a testament to how vital the program has become and how important it will be in the future, especially now that cloud service providers (CSPs) are being transparent and assigning CVEs to cloud vulnerabilities. Shining a light on vulnerabilities that need to be remediated quickly is an vital part of a proactive cybersecurity, in which known vulnerabilities still represent the lion’s share of risk.”—-Satnam Narang, Senior Staff Research Engineer, Tenable
