US government vulnerability database compromised

Kim Halavakoski, BlackCat Security.

May have been infected for months.

The United States government's repository of publicly disclosed software vulnerabilities, the National Vulnerability Database (NVD), has been taken offline after malware was discovered on two of the servers that host it.

An email from the National Institute of Standards and Technology (NIST), published overnight on the social network Google+ by BlackCat security researcher Kim Halavakoski, confirms that the NVD has been down since March 8.

"On Friday March 8, a NIST firewall detected suspicious activity and took steps to block unusual traffic from reaching the Internet. NIST began investigating the cause of the unusual activity and the servers were taken offline," according to the email.

"Malware was discovered on two NIST Web servers and was then traced to a software vulnerability."

The email states there is no evidence that the NVD or other NIST pages "contained or were used to deliver malware to users" of the site.

A report by The Register attributes the infection to vulnerabilities in Adobe ColdFusion.

The servers were reportedly compromised before the vulnerability was known to Adobe in early January this year, which means the site may have been under the attackers' control since that date or earlier, well before the firewall alert on March 8.

No time estimate for the restoration of the service was given. As of this morning, the NVD remained down, with no explanation of the outage given by NIST on the site itself.


Several other government websites were also taken offline, according to the email.

The security incident is potentially embarrassing to the US government. In February this year, President Barack Obama tasked NIST with developing a baseline framework to reduce cyber risk to critical infrastructure, as part of an executive order to improve network and data security in the United States.