adding "tags" for quick identification #33
Description
Proposed New Idea/Feature (required)
Tags would allow a user to visually classify a vulnerability by certain categories, such as "unsupported" (vendor considers the product end-of-life and will not patch), "networking device" vs "mobile device", etc. For example: A sysadmin who is responsible for a large enterprise environment may not be familiar with which products are affected by a particular vulnerability but their CTO or CISO is adamant that it be patched because "it was added to CISA's Known Exploited Vulnerabilities Catalog." Tags could reference "publicly disclosed", "proof of concept available", "cloud service", "CISA KEV" and "used in ransomware attacks." There are numerous possibilities with adding tags to CVE entries.
Additional Notes (Optional)
N/A