Skip to content

Commit

Permalink
Merge pull request #71 from sej7278/vuln-coverage
Browse files Browse the repository at this point in the history 
Updated CVSS 4+ wording
  • Loading branch information
@annkots
annkots authored Mar 20, 2024
2 parents b80c21f + d905869 commit e3597f5
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions docs/extended-lifecycle-support/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,11 +6,11 @@ Our ELS service is designed to provide solutions for organizations that are not

### Vulnerability coverage

TuxCare employs the Common Vulnerability Scoring System (CVSS v3) to assess the severity of security vulnerabilities. Our severity rating system for patching vulnerabilities integrates both NVD scoring and vendor scoring (when available). When the vendor's score is lower than the NVD score, we give priority to the NVD score.
TuxCare employs the Common Vulnerability Scoring System (CVSS v3) to assess the severity of security vulnerabilities. Our severity rating system for patching vulnerabilities integrates both NVD scoring and vendor scoring (when available). When the vendor's score is lower than the NVD score, we give priority to the NVD score.

TuxCare Extended Lifecycle Support automatically provides security patches for High and Critical vulnerabilities with CVSS scores of 7+. For Medium-severity vulnerabilities (CVSS scores 4.0 to 6.9), TuxCare actively monitors and selectively patches those with potentially underrated CVE impacts and/or risks to TuxCare customers.
TuxCare Extended Lifecycle Support, by default, provides security patches for High and Critical vulnerabilities (with a 7+ CVSS score). For vulnerabilities rated as Medium (4.0 to 6.9), TuxCare can provide patches for CVE's where mitigations are not available and there is sufficient customer demand.

Custom coverage options include patches for FIPS-certified deployments and a 10-pack of customer-selected patches for CVEs outside the standard ELS scope. For detailed information on these coverage options and their pricing, please contact our sales team
Custom coverage options are available, including a 10-pack of customer-directed patches for clients who need CVEs patched outside of the ELS scope. Specific details regarding these coverage options and their pricing can be obtained by contacting our sales team.

### Target response times

Expand Down

0 comments on commit e3597f5

Please sign in to comment.