From e2660a5d1cd752b51d4816ee16a407c1f21430d4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Volkan=20Yaz=C4=B1c=C4=B1?= <volkan@yazi.ci>
Date: Wed, 8 Nov 2023 09:47:24 +0100
Subject: [PATCH] Switch to CVSSv2 for CVE-2017-5645 (#1707)

---
 src/site/asciidoc/security.adoc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/site/asciidoc/security.adoc b/src/site/asciidoc/security.adoc
index e49ebb99990..94168283840 100644
--- a/src/site/asciidoc/security.adoc
+++ b/src/site/asciidoc/security.adoc
@@ -283,7 +283,7 @@ This issue was discovered by Peter Stöckli.
 [cols="1h,5"]
 |===
 |Summary |TCP/UDP socket servers can be exploited to execute arbitrary code
-|CVSS 3.x Score & Vector |9.8 CRITICAL (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
+|CVSS 2.0 Score & Vector |7.5 HIGH (AV:N/AC:L/Au:N/C:P/I:P/A:P)
 |Components affected |`log4j-core`
 |Versions affected |`[2.0-alpha1, 2.8.2)`
 |Versions fixed |`2.8.2` (Java 7)