NVD

Vulnerability Change Records for CVE-2017-1000486

Action	Type	Old Value	New Value
Added	CPE Configuration		OR cpe:2.3:a:primetek:primefaces:5.0::::::: cpe:2.3:a:primetek:primefaces:5.0:rc1::::::* cpe:2.3:a:primetek:primefaces:5.0:rc2::::::* cpe:2.3:a:primetek:primefaces:5.1::::::: cpe:2.3:a:primetek:primefaces:5.1:rc1::::::* cpe:2.3:a:primetek:primefaces:5.1:rc2::::::* cpe:2.3:a:primetek:primefaces:5.2::::::: cpe:2.3:a:primetek:primefaces:5.2:rc1::::::* cpe:2.3:a:primetek:primefaces:5.2:rc2::::::* cpe:2.3:a:primetek:primefaces:5.2:rc3::::::* cpe:2.3:a:primetek:primefaces:5.3::::::: cpe:2.3:a:primetek:primefaces:5.3:rc1::::::* cpe:2.3:a:primetek:primefaces:5.3:rc2::::::*
Added	CVSS V2		(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Added	CVSS V3		AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added	CWE		CWE-326
Changed	Reference Type	http://blog.mindedsecurity.com/2016/02/rce-in-oracle-netbeans-opensource.html No Types Assigned	http://blog.mindedsecurity.com/2016/02/rce-in-oracle-netbeans-opensource.html Exploit, Third Party Advisory
Changed	Reference Type	https://cryptosense.com/weak-encryption-flaw-in-primefaces/ No Types Assigned	https://cryptosense.com/weak-encryption-flaw-in-primefaces/ Third Party Advisory
Changed	Reference Type	https://github.com/primefaces/primefaces/issues/1152 No Types Assigned	https://github.com/primefaces/primefaces/issues/1152 Issue Tracking, Third Party Advisory