Confirmed users
570
edits
CA/Vulnerability Disclosure: Difference between revisions
CA/Vulnerability Disclosure (view source)
Revision as of 18:48, 12 September 2023
, 12 September 2023→Types of Vulnerabilities/Incidents to be disclosed: Minor edits
m (→Types of Vulnerabilities/Incidents to be disclosed: Rephrased to Security Incidents based on comment received) |
m (→Types of Vulnerabilities/Incidents to be disclosed: Minor edits) |
||
| Line 41: | Line 41: | ||
* Confirmed advanced persistent threats that attempt to compromise the CA's infrastructure, systems, or the reliability or validity of certificates. | * Confirmed advanced persistent threats that attempt to compromise the CA's infrastructure, systems, or the reliability or validity of certificates. | ||
'''The following | '''The following are NOT ordinarily considered to be Reportable Vulnerabilities:''' | ||
* Minor security policy violations: Non-malicious violations of internal security policies by employees that are promptly addressed and do not result in unauthorized access or compromise of critical systems or infrastructure. | * Minor security policy violations: Non-malicious violations of internal security policies by employees that are promptly addressed and do not result in unauthorized access or compromise of critical systems or infrastructure. | ||