IAVB

An Information Assurance Vulnerability Bulletin (IAVB) is a mid-level IAVM notice for significant but not critical vulnerabilities. IAVBs typically have longer compliance windows than IAVAs (often 30 days) and address vulnerabilities that are important but not as immediately exploitable.

Like IAVAs, IAVBs require acknowledgment, tracking, and remediation within the specified timeframe. Organizations must report their compliance status and document any systems that require an exception or extension.