This is a potential security issue, you are being redirected to https://csrc.nist.gov
Specifications have both intrinsic and synergistic value. They have intrinsic value in that the specification demonstrates value on its own merits. For example, XCCDF is a standard way of expressing checklist content. XCCDF also has a synergistic value when combined with other specifications such as CPE, CCE, and OVAL to create an SCAP-expressed checklist that can be processed by SCAP-validated products. Likewise, CVE has use cases in simply being a consistent way to enumerate vulnerabilities for tracking purposes; however, when combined with CPE and OVAL, CVE is elevated to formulate a greater use case, namely that of automated checks for vulnerabilities that can be processed by SCAP-validated products. It is important to recognize that specifications can and should demonstrate value in their own right without being SCAP specifications.
Of great interest to the community is whether a new specification will become part of the NIST validation program. As a result, NIST developed the following informational resources: