-
Bug
-
Resolution: Not a Bug
-
Normal
-
None
-
None
-
None
-
False
-
-
False
-
SECDATA-216 - SDEngine Backlog
-
-
The CVSS and threats impact are not associated with the same list of products.
Somehow the CVSS metrics are only associated with products that have been fixed via some advisory. When the “impact” category in the threat section is correctly associated with the whole list of products mentioned in the particular CVE.
See for example:
CVE-2022-40152
The scores section contains only products that have some patches released (category is vendor_fix).
- links to