By Raphael Satter
WASHINGTON (Reuters) – U.S. officials have said at the last minute that they’re extending support for a critical database of cyber weaknesses whose funding was due to run out on Wednesday.
The planned lapse in payments for the MITRE Corp’s Common Vulnerabilities and Exposures database spread alarm across the cybersecurity community. The database, which acts as a kind of catalog for cyber weaknesses, plays a key role in enabling IT administrators to quickly flag and triage the myriad different bugs and hacks discovered daily.
The Cybersecurity and Infrastructure Security Agency said in an email on Wednesday that the CVE program was “invaluable” and that it had executed an “option period on the contract to ensure there will be no lapse in critical CVE services.”
A CISA spokesperson didn’t immediately return an email seeking details on the option period or the continuation in funding. MITRE didn’t immediately return an email seeking comment.
(Reporting by Raphael Satter; Editing by Mark Porter)
Comments