Colleagues, The CVE Program is happy to announce two (2) new CNAs: Organization Name: Amazon Org Short Name: AMZN Organization Location: USA Scope: All Amazon and AWS products (including subsidiaries, supported, and EOL/EOS products), as well as vulnerabilities in third party software discovered by Amazon/AWS that are not in another CNA’s scope. Top-Level Root: MITRE Disclosure Policy location: https://aws.amazon.com/security/vulnerability-reporting Advisory location: https://aws.amazon.com/security/security-bulletins Public point of contact: aws-secur...@amazon.com<mailto:aws-secur...@amazon.com> CNA Type: Vendor, Bug Bounty Program, Open Source Organization Name: Cato Networks Org Short Name: Cato Organization Location: Israel Scope: All Cato Networks products and vulnerabilities in third-party products affecting Cato products unless covered by the scope of another CNA. Top-Level Root: MITRE Disclosure Policy location: https://event.catonetworks.com/securityissuesreport Advisory location: https://securityadvisories.catonetworks.com/ Public point of contact: vulnerability-rep...@catonetworks.com<mailto:vulnerability-rep...@catonetworks.com> CNA Type: Vendor, Researcher
Total CNAs: 389 CNAs (387 CNAs and 2 CNA-LRs) Total Countries: 40 (+ 1 no country affiliation) Respectfully, CVE Program Secretariat cve-prog-secretar...@mitre.org<mailto:cve-prog-secretar...@mitre.org> [A picture containing text, clipart Description automatically generated]