Merge branch '124-has63-focus-on-nms-vulnerabilities-6-1-1-0' into 'main' (bf7a2e22) · Commits · STAN4CRA / EN 304 621 Network Management Systems

EN-304-621.md

+1 −1

Original line number	Diff line number	Diff line
		@@ -992,7 +992,7 @@ There are three different types of assessments used in this document.
		Requirement a: The product shall have no vulnerabilities discovered by scans.<br/>
		Requirement b: The product shall have only discoverable vulnerabilities whose age is consistent with the manufacturer's documentation of how long vulnerabilities may go unfixed after public disclosure.<br/>
		Requirement c: For each detected vulnerability, the product shall have publicly available documentation explaining how the risk has been mitigated.<br/>
		Objective: Disclosure of new vulnerabilities in the operating system and its dependencies are proactively monitored.<br/>
		Objective: Disclosure of new vulnerabilities in the product and its dependencies are proactively monitored.<br/>
		Preparation:

		1. Select up to three vulnerability scanners meeting the requirements

Original line number	Diff line number	Diff line
		@@ -992,7 +992,7 @@ There are three different types of assessments used in this document.
		Requirement a: The product shall have no vulnerabilities discovered by scans.<br/>
		Requirement b: The product shall have only discoverable vulnerabilities whose age is consistent with the manufacturer's documentation of how long vulnerabilities may go unfixed after public disclosure.<br/>
		Requirement c: For each detected vulnerability, the product shall have publicly available documentation explaining how the risk has been mitigated.<br/>
		Objective: Disclosure of new vulnerabilities in the operating system and its dependencies are proactively monitored.<br/>
		Objective: Disclosure of new vulnerabilities in the product and its dependencies are proactively monitored.<br/>
		Preparation:

		1. Select up to three vulnerability scanners meeting the requirements