NVD

Vulnerability Change Records for CVE-2018-1900

Action	Type	Old Value	New Value
Added	CVSS V3		AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Added	CVSS V2		(AV:N/AC:M/Au:S/C:N/I:P/A:N)
Added	CWE		CWE-79
Added	CPE Configuration		OR cpe:2.3:a:ibm:curam_social_program_management::::::::* versions from (including) 6.0.5.0 up to (including) 6.0.5.10 cpe:2.3:a:ibm:curam_social_program_management::::::::* versions from (including) 6.1.0.0 up to (including) 6.1.1.6 cpe:2.3:a:ibm:curam_social_program_management::::::::* versions from (including) 6.2.0.0 up to (including) 6.2.0.6 cpe:2.3:a:ibm:curam_social_program_management::::::::* versions from (including) 7.0.0.0 up to (including) 7.0.1.0 cpe:2.3:a:ibm:curam_social_program_management::::::::* versions from (including) 7.0.2.0 up to (including) 7.0.4.0
Changed	Reference Type	http://www.securityfocus.com/bid/106189 No Types Assigned	http://www.securityfocus.com/bid/106189 Third Party Advisory, VDB Entry
Changed	Reference Type	https://exchange.xforce.ibmcloud.com/vulnerabilities/152529 No Types Assigned	https://exchange.xforce.ibmcloud.com/vulnerabilities/152529 VDB Entry, Vendor Advisory
Changed	Reference Type	https://www.ibm.com/support/docview.wss?uid=ibm10739035 No Types Assigned	https://www.ibm.com/support/docview.wss?uid=ibm10739035 Patch, Vendor Advisory
Added	CVSS V2 Metadata		Victim must voluntarily interact with attack mechanism