工业和信息化部网络安全威胁和漏洞信息共享平台正式上线运行 - The Ministry of Industry and Information Technology's cyber security threats and vulnerabilities information sharing platform is officially launched
-
为落实《网络产品安全漏洞管理规定》有关要求,工业和信息化部网络安全管理局组织建设的工业和信息化部网络安全威胁和漏洞信息共享平台(下称“平台”)(https://www.nvdb.org.cn)于2021年9月1日正式上线运行。
根据《网络产品安全漏洞管理规定》,网络产品提供者应当及时向平台报送相关漏洞信息,鼓励漏洞收集平台和其他发现漏洞的组织或个人向平台报送漏洞信息。平台包括通用网络产品安全漏洞专业库(https://www.cnvdb.org.cn)、工业控制产品安全漏洞专业库(https://www.cics-vd.org.cn)、移动互联网APP产品安全漏洞专业库(https://cappvd.cstc.org.cn)、车联网产品安全漏洞专业库(https://cavd.org.cn)等,支持开展网络产品安全漏洞技术评估,督促网络产品提供者及时修补和合理发布自身产品安全漏洞。
平台由中国信息通信研究院会同国家工业信息安全发展研究中心、中国软件评测中心、中国汽车技术研究中心等国家网络安全专业机构共同建设。
In order to implement the relevant requirements of the “Regulations on the Management of Security Vulnerabilities in Network Products,” the Ministry of Industry and Information Technology Cyber Security Administration organized and constructed the Ministry of Industry and Information Technology Cybersecurity Threat and Vulnerability Information Sharing Platform (hereinafter referred to as the “platform”) (https:// www.nvdb.org.cn) will be officially launched on September 1, 2021.
According to the “Regulations on the Management of Security Vulnerabilities in Network Products”, network product providers shall promptly report relevant vulnerability information to the platform, and encourage vulnerability collection platforms and other organizations or individuals that discover vulnerabilities to report vulnerability information to the platform. The platform includes a professional library of general network product security vulnerabilities (https://www.cnvdb.org.cn), a professional library of industrial control product security vulnerabilities (https://www.cics-vd.org.cn), and mobile Internet APP products Security vulnerability professional library (https://cappvd.cstc.org.cn), car networking product security vulnerability professional library (https://cavd.org.cn), etc., support the development of network product security vulnerability technical assessment, and supervise network products The provider timely repairs and reasonably releases its own product security vulnerabilities.
The platform is jointly constructed by the China Academy of Information and Communications Technology, the National Industrial Information Security Development Research Center, China Software Evaluation Center, China Automotive Technology Research Center and other national cybersecurity professional institutions.