This publication provides recommendations for using two vulnerability naming schemes: Common Vulnerabilities and Exposures (CVE) and Common Configuration Enumeration (CCE). Draft SP 800-51 Revision 1 gives an introduction to both naming schemes and makes recommendations for end-user organizations on using their names. The publication also presents recommendations for software and service vendors on how they should use vulnerability names and naming schemes in their product and service offerings. [Supersedes SP 800-51 (September 2002): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=151265]
and Scarfone, K.
Guide to Using Vulnerability Naming Schemes, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=907934
(Accessed November 30, 2023)