U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2020-10683

Change History

Initial Analysis by NIST 5/07/2020 3:18:53 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:dom4j_project:dom4j:*:*:*:*:*:*:*:* versions up to (excluding) 2.1.3
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:redhat:decision_manager:7:*:*:*:*:*:*:*
     *cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*
     *cpe:2.3:a:redhat:jboss_enterprise_application_platform_continuous_delivery:*:*:*:*:*:*:*:*
     *cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*
     *cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*
     *cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
NIST (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
NIST CWE-611
Changed Reference Type
https://bugzilla.redhat.com/show_bug.cgi?id=1694235 No Types Assigned
https://bugzilla.redhat.com/show_bug.cgi?id=1694235 Issue Tracking, Patch, Third Party Advisory
Changed Reference Type
https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html No Types Assigned
https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html Third Party Advisory
Changed Reference Type
https://github.com/dom4j/dom4j/commit/a8228522a99a02146106672a34c104adbda5c658 No Types Assigned
https://github.com/dom4j/dom4j/commit/a8228522a99a02146106672a34c104adbda5c658 Patch, Third Party Advisory
Changed Reference Type
https://github.com/dom4j/dom4j/releases/tag/version-2.1.3 No Types Assigned
https://github.com/dom4j/dom4j/releases/tag/version-2.1.3 Third Party Advisory