Vulnerability Response Process
The Security Emergency Response Center will strictly control the spread of vulnerability information and limit it to the person who handles the vulnerability. It also requires the vulnerability reporter to keep the vulnerability confidential until it is publicly disclosed.
The Security Emergency Response Center provides Base Metrics and Temporal Metrics for vulnerabilities based on the CVSS (Common Vulnerability Scoring System). Based on Customers’ environment, they can get Environmental Metrics according to their own needs.
Uniview uses CVE (Common Vulnerability and Exposures) and CNCVE to reference third-party vulnerability information.