Fortra Authorized by the CVE Program as a CVE Numbering Authority (CNA)

Designation supports Fortra’s commitment to continuous improvement and transparency

Posted on December 5, 2023

MINNEAPOLIS – Dec 5, 2023 – Fortra today announced that it has been authorized by the CVE program as a CVE Numbering Authority (CNA). This designation allows Fortra to assign and publicly disclose Common Vulnerabilities and Exposures (CVEs) that enable IT and cybersecurity professionals to prioritize and rapidly address vulnerabilities in software.  

The CVE program relies on an international community of CNA partners to discover, assign, and catalog cybersecurity vulnerabilities. CNA partners publish CVEs records to communicate accurate and consistent descriptions of vulnerabilities. This provides stakeholders with the information they need to align their remediation efforts. As a CNA partner, Fortra can assign CVEs for security issues found in its own software products, and for those found by its researchers in other products on the market.  

“Becoming a CNA is part of a strong vulnerability disclosure and reporting program,” said Kate Bolseth, CEO, Fortra. “By researching, reporting, and fixing vulnerabilities in our products and services, Fortra is demonstrating its commitment to continuous improvement and transparency, and offering better protection for our customers and the industry at large.”  

Vulnerabilities in Fortra products can be reported here. Information regarding vulnerabilities found in Fortra products will be listed on this dedicated advisory page.  

About Fortra    
Fortra is a cybersecurity company like no other. We're creating a simpler, stronger future for our customers. Our trusted experts and portfolio of integrated, scalable solutions bring balance and control to organizations around the world. We’re the positive changemakers and your relentless ally to provide peace of mind through every step of your cybersecurity journey. Learn more at  

About CVE  

The mission of the Common Vulnerabilities and Exposures (CVE®) Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. There is one CVE Record for each vulnerability in the catalog. The vulnerabilities are discovered, then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities. Learn more at  

Copyright © Fortra, LLC and its group of companies. Fortra™, the Fortra™ logos, and other identified marks are proprietary trademarks of Fortra, LLC.  

Media Contacts:
Rachel Woodford, Public Relations Manager   
[email protected]  
North America and EMEA   
[email protected]