Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Common Platform Enumeration: Naming Specification Version 2.3



Brant Cheikes, David A. Waltermire, Karen Scarfone


This report defines the Common Platform Enumeration (CPE) Naming version 2.3 specification. The CPE Naming specification is a part of a stack of CPE specifications that support a variety of use cases relating to IT product description and naming. The CPE Naming specification defines the logical structure of names for IT product classes and the procedures for binding and unbinding these names to and from machine-readable encodings. This report also defines and explains the requirements that IT products must meet for conformance with the CPE Naming version 2.3 specification.
NIST Interagency/Internal Report (NISTIR) - 7695
Report Number


Common Platform Enumeration, CPE, SCAP, security automation


Cheikes, B. , Waltermire, D. and Scarfone, K. (2011), Common Platform Enumeration: Naming Specification Version 2.3, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online],, (Accessed May 25, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created August 18, 2011, Updated October 12, 2021