For vulnerability management teams who talk exclusively in this CVE-based construct, the lack of CVEs in cloud services is a significant challenge. With cloud-specific vulnerabilities littering the news every week, the question of whether cloud service providers should use CVE identifiers (or something like it) is more relevant than ever.

Source: Help Net Security