A tag is used in CVE record format to describe Exclusively Hosted Service with the following definition:
All known software and/or hardware affected by this CVE Record is known to exist only in the affected hosted service. If the vulnerability affects both hosted and on-prem software and/or hardware, then the tag should not be used.