What is the CERT-In CNA?
CERT-In is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 125 CVE records since 2022.
How many CVEs has CERT-In published?
CERT-In has published 125 CVE records, including 85 in the last two years.
What is CERT-In's CVE data quality grade?
RadicalNotion.AI grades CERT-In's CVE data quality as A, with an overall completeness score of 99.6%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (99.2%), and CWE (99.2%) information.
What products does CERT-In publish CVEs for?
CERT-In most frequently publishes CVEs for cm5100 firmware, cm5100, Skyworth Router CM5100, SyroTech SY-GPON-1110-WDONT router, sy-gpon-1110-wdont.
Which vendors does CERT-In cover?
CERT-In publishes CVEs across 33 distinct vendors, most often skyworthdigital, Hathway, SyroTech, Digisol, Shilpi Computers.
Is CERT-In actively publishing CVEs?
CERT-In is currently active, based on 85 CVEs in the last two years.
What is the average severity of CERT-In's CVEs?
The average CVSS base score across CERT-In's scored CVEs is 7.5.
How many critical CVEs has CERT-In published?
CERT-In has published 16 critical-severity CVEs and 73 high-severity CVEs.
Are any of CERT-In's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of CERT-In's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in CERT-In's CVEs?
CERT-In's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-312 (Cleartext Storage of Sensitive Information), CWE-319 (Cleartext Transmission of Sensitive Information), CWE-639 (Authorization Bypass Through User-Controlled Key).
How does CERT-In rank among CNAs?
By total CVE volume, CERT-In ranks #112 of 370 CNAs, and it reports more complete CVE records than 56% of all CNAs.
