How to get the CVE number for the vulnerability you found during Security research

I am Harish SG, a security researcher who hunted on the Microsoft Bug Bounty Program. Now I researching on attacking air gapped system and practicing smart contract auditing

What is CVE?

CVE, short for Common Vulnerabilities and Exposures, is a list of publicly disclosed computer security flaws. When someone refers to a CVE, they mean a security flaw that’s been assigned a CVE ID number.

How to get a CVE number?

1. visit?https://cveform.mitre.org/?and click on the request a CVE number
2. You will need to provide at least the following, vulnerability type, vendor or developer of software or impact of the vulnerability, Affected component, and Attack vector.

What happens after you requested CVE?

1. you will receive a confirmation mail from?MITRE
2. MITRE?will review your confirmation. If your submission is valid they will send you a valid CVE number

How much time do they take to assign CVE?

Generally, 90 days after the vendor fixed this vulnerability but this time period depends on the severity and how fast the vendor fixed this vulnerability.

POC: