🚨ATTENTION🚨 The CVE mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
Thank you for reaching out! We’re currently exploring options for updating the Center’s ATT&CK to CVE mapping, including active discussions with the MITRE CVE Team.
One of our goals of this project has always been to enable vendors, researchers, vulnerability databases, and other producers of vulnerability information to use the methodology provided to create and share their own mappings for using ATT&CK to characterize the impact of a vulnerability as described in the CVE list. We would be happy to have your input and contributions on expanding the existing repository, as well as any feedback on the existing mappings and methodology. More information on contributing can be found here in the project repository: https://github.com/center-for-threat-informed-defense/attack_to_cve/blob/596de4aea26b05871e4f3197a3a4fb768c1f8321/CONTRIBUTING.md
Please let me know if you have additional questions.
Thank you for reaching out! We’re currently exploring options for updating the Center’s ATT&CK to CVE mapping, including active discussions with the MITRE CVE Team.
One of our goals of this project has always been to enable vendors, researchers, vulnerability databases, and other producers of vulnerability information to use the methodology provided to create and share their own mappings for using ATT&CK to characterize the impact of a vulnerability as described in the CVE list. We would be happy to have your input and contributions on expanding the existing repository, as well as any feedback on the existing mappings and methodology. More information on contributing can be found here in the project repository: https://github.com/center-for-threat-informed-defense/attack_to_cve/blob/596de4aea26b05871e4f3197a3a4fb768c1f8321/CONTRIBUTING.md
Please let me know if you have additional questions.
Thank you, Tiffany