Anyone can obtain a CVE assignment directly from MITRE using their request form. The process recommended by the VMT is outlined here: https://security.openstack.org/vmt-process.html#send-cve-request
Since this report is not under any embargo, I wouldn't bother supplying an encryption key for their response.
Anyone can obtain a CVE assignment directly from MITRE using their request form. The process recommended by the VMT is outlined here: https:/ /security. openstack. org/vmt- process. html#send- cve-request
Since this report is not under any embargo, I wouldn't bother supplying an encryption key for their response.