NVD

Vulnerability Change Records for CVE-2021-42550

Action	Type	Old Value	New Value
Added	CPE Configuration		OR cpe:2.3:a:qos:logback::::::::* versions up to (including) 1.2.7 cpe:2.3:a:qos:logback:1.3.0:alpha0::::::* cpe:2.3:a:qos:logback:1.3.0:alpha1::::::* cpe:2.3:a:qos:logback:1.3.0:alpha10::::::* cpe:2.3:a:qos:logback:1.3.0:alpha2::::::* cpe:2.3:a:qos:logback:1.3.0:alpha3::::::* cpe:2.3:a:qos:logback:1.3.0:alpha4::::::* cpe:2.3:a:qos:logback:1.3.0:alpha5::::::* cpe:2.3:a:qos:logback:1.3.0:alpha6::::::* cpe:2.3:a:qos:logback:1.3.0:alpha7::::::* cpe:2.3:a:qos:logback:1.3.0:alpha8::::::* cpe:2.3:a:qos:logback:1.3.0:alpha9::::::*
Added	CPE Configuration		OR cpe:2.3:a:redhat:satellite:6.0:::::::
Added	CVSS V2		NIST (AV:N/AC:M/Au:S/C:C/I:C/A:C)
Added	CVSS V3.1		NIST AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Added	CWE		NIST CWE-502
Changed	Reference Type	http://logback.qos.ch/news.html No Types Assigned	http://logback.qos.ch/news.html Vendor Advisory
Changed	Reference Type	https://github.com/cn-panda/logbackRceDemo No Types Assigned	https://github.com/cn-panda/logbackRceDemo Exploit, Third Party Advisory
Changed	Reference Type	https://jira.qos.ch/browse/LOGBACK-1591 No Types Assigned	https://jira.qos.ch/browse/LOGBACK-1591 Exploit, Issue Tracking, Patch, Third Party Advisory