Common weakness enumeration |
|
Recommendation ITU-T X.1524 on the use of the common weakness enumeration (CWE) provides a structured means to exchange information security weaknesses that provides common names for publicly known problems in the commercial or open source software used in communication networks, end user devices, or any of the other types of information and communications technology (ICT) capable of running software. The goal of CWE is to enable more effective discussion, description, selection, and use of software security tools and services that can find these weaknesses in source codes and operational systems as well as better understanding and management of software weaknesses related to architecture and design. This Recommendation defines the use of CWE to provide a mechanism for software security tools, services, knowledge bases and other capabilities to be used together, and to facilitate the comparison of security tools and services. CWE also offers supportive context information about possible risks, impacts, fix information, and detailed technical information about what the software weaknesses could mean to a software system. |
|
Citation: |
https://handle.itu.int/11.1002/1000/11374 |
Series title: |
X series: Data networks, open system communications and security X.1500-X.1599: Cybersecurity information exchange X.1520-X.1539: Vulnerability/state exchange |
Approval date: |
2012-03-02 |
Provisional name: | X.cwe |
Approval process: | TAP |
Status: |
In force |
Maintenance responsibility: |
ITU-T Study Group 17 |
Further details: |
Patent statement(s)
Development history
|
|
|
Ed. |
ITU-T Recommendation |
Status |
Summary |
Table of Contents |
Download |
1
|
X.1524 (03/2012)
|
In force
|
here
|
here
|
here
|
Title |
Approved on |
Download |
Guidelines for identity-based cryptosystems used for cross-domain secure communications
|
2023
|
here
|
Overview of hybrid approaches for key exchange with quantum key distribution
|
2022
|
here
|
Guidelines for security management of using artificial intelligence technology
|
2022
|
here
|
Successful use of security standards (2nd edition)
|
2020
|
here
|
Description of the incubation mechanism and ways to improve it
|
2020
|
here
|
Strategic approaches to the transformation of security studies
|
2020
|
here
|
|