Skip to main content

light weithted vul record

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Jiang Li , Jun Fu , Xiaoxiao Li , Yexia Cheng
Last updated 2021-05-05 (Latest revision 2020-11-01)
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


Vulnerability information will be recorded in risk detection and scanning. If a vulnerability is detected in a host during one scan, a record will be generated and added to the database, together with a time-stamp when the vulnerability is detected. If risk detection is carried out periodically, a series of records will be generated for each detection, until vulnerability is fixed. At present, a common way to record vulnerabilities is a vulnerability--a detection--a record, a vulnerability--N detections--N records(N>1).In this way, the number of vulnerability records is related to the rounds of detection. In the case that the number of existing vulnerabilities remains unchanged, more frequent vulnerabilities are scanned, more records are recorded In this document, a light weighted vulnerability recording method is proposed. To make that, in the whole life cycle of a vulnerability, only one record is generated after multiple detections.


Jiang Li
Jun Fu
Xiaoxiao Li
Yexia Cheng

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)