Colleagues, The CVE Program is happy to announce five (5) new CNAs: Organization Name: Hillstone Networks Inc. Org Short Name: Hillstone Organization Location: China Scope: Vulnerabilities in our products listed at https://www.hillstonenet.com/hillstone-networks-product-portfolio/ and the products we sell only in China listed at https://www.hillstonenet.com.cn/product-and-service/, not including our websites. Top-Level Root: MITRE Disclosure Policy location: https://hillstonenet.com.cn/support-and-training/psirt Advisory location: https://www.hillstonenet.com.cn/support-and-training/psirt/ Public point of contact: ps...@hillstonenet.com<mailto:ps...@hillstonenet.com> CNA Type: Vendor
Organization Name: Open-Xchange Org Short Name: OX Organization Location: Germany Scope: Products and services provided by Open-Xchange, PowerDNS, and Dovecot. Top-Level Root: MITRE Disclosure Policy location: https://vdp.open-xchange.com/ Advisory location: https://documentation.open-xchange.com/security/advisories/ Public point of contact: secur...@open-xchange.com<mailto:secur...@open-xchange.com> CNA Type: Open Source, Vendor Organization Name: ServiceNow Org Short Name: SN Organization Location: USA Scope: All ServiceNow products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by ServiceNow that are not in another CNA’s scope. Top-Level Root: MITRE Disclosure Policy location: https://www.servicenow.com/company/trust/privacy/responsible-disclosure.html Advisory location: https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1226057 Public point of contact: ps...@servicenow.com<mailto:ps...@servicenow.com> CNA Type: Hosted Service, Researcher, Vendor Organization Name: Shop Beat Solutions (Pty) LTD Org Short Name: ShopBeat Organization Location: South Africa Scope: Vulnerabilities in Shop Beat products and services and vulnerabilities discovered by Shop Beat unless covered by the scope of another CNA. Top-Level Root: MITRE Disclosure Policy location: https://www.shopbeat.co.za/disclosure_policy.html Advisory location: https://www.shopbeat.co.za/security_advisory_location.html Public point of contact: supp...@shopbeat.co.za<mailto:supp...@shopbeat.co.za> CNA Type: Hosted Service, Vendor Organization Name: STAR Labs SG Pte. Ltd. Org Short Name: STAR_Labs Organization Location: Singapore Scope: Vulnerabilities discovered by STAR Labs SG that are not in another CNA’s scope. Top-Level Root: MITRE Disclosure Policy location: https://starlabs.sg/advisories/STAR%20Labs%20SG%20Pte.%20Ltd.%20Vulnerability%20Disclosure%20Policy.pdf Advisory location: https://starlabs.sg/advisories/ Public point of contact: i...@starlabs.sg<mailto:i...@starlabs.sg> CNA Type: Researcher Total Partners: 275 Total Countries: 36 Respectfully, CVE Program Secretariat cve-prog-secretar...@mitre.org<mailto:cve-prog-secretar...@mitre.org> [A picture containing text, clipart Description automatically generated]