CA/Vulnerability Disclosure: Difference between revisions

Jump to navigation Jump to search

CA/Vulnerability Disclosure (view source)

Revision as of 18:48, 12 September 2023

1 byte added ,  12 September 2023
m
→‎Types of Vulnerabilities/Incidents to be disclosed: Minor edits
m (→‎Types of Vulnerabilities/Incidents to be disclosed: Rephrased to Security Incidents based on comment received)
Line 41: Line 41:
* Confirmed advanced persistent threats that attempt to compromise the CA's infrastructure, systems, or the reliability or validity of certificates.  
* Confirmed advanced persistent threats that attempt to compromise the CA's infrastructure, systems, or the reliability or validity of certificates.  


'''The following would not ordinarily be considered Reportable Vulnerabilities:'''
'''The following are NOT ordinarily considered to be Reportable Vulnerabilities:'''


* Minor security policy violations:  Non-malicious violations of internal security policies by employees that are promptly addressed and do not result in unauthorized access or compromise of critical systems or infrastructure.
* Minor security policy violations:  Non-malicious violations of internal security policies by employees that are promptly addressed and do not result in unauthorized access or compromise of critical systems or infrastructure.
Bwilson
Confirmed users
569

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/1247928"

Navigation menu