This is an automated email from the ASF dual-hosted git repository. pkarwasz pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/logging-site.git
commit 4697418a08b15d6dc8d1519b2f1faef69940ec16 Author: Volkan Yazıcı <[email protected]> AuthorDate: Wed Nov 8 09:45:52 2023 +0100 Switch to CVSSv2 for CVE-2017-5645 (apache/logging-log4j2#1707) --- vdr.xml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/vdr.xml b/vdr.xml index 09bb9781..881a71ca 100644 --- a/vdr.xml +++ b/vdr.xml @@ -414,12 +414,12 @@ Alternatively, users can set the `mail.smtp.ssl.checkserveridentity` system prop <rating> <source> <name>NVD</name> - <url><![CDATA[https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H&version=3.1]]></url> + <url><![CDATA[https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator?vector=(AV:N/AC:L/Au:N/C:P/I:P/A:P)&version=2.0]]></url> </source> - <score>9.8</score> - <severity>critical</severity> - <method>CVSSv3</method> - <vector>AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H</vector> + <score>7.5</score> + <severity>high</severity> + <method>CVSSv2</method> + <vector>AV:N/AC:L/Au:N/C:P/I:P/A:P</vector> </rating> </ratings> <cwes>
