Fix bug in the new CVSS post

lunasec-io · Dec 17, 2021 · 9f908c8 · 9f908c8
1 parent 600fc1b
commit 9f908c8
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/docs/blog/2021-12-18-log4j-update-increased-cvss.mdx b/docs/blog/2021-12-18-log4j-update-increased-cvss.mdx
@@ -39,11 +39,11 @@ authors:
 
 _The logo gets worse as the situation gets worse..._
 
-**Just trying to fix this? Please read our dedicated
-[Mitigation Guide](https://www.lunasec.io/docs/blog/log4j-zero-day-mitigation-guide/).**
-
 Earlier today, the second Log4j vulnerability (CVE-2021-45046) was upgraded from a [CVSS score of 3.7](https://web.archive.org/web/20211215180723/https://logging.apache.org/log4j/2.x/security.html)
-(limited DOS) to a [CVSS score of 9.7](https://logging.apache.org/log4j/2.x/security.html) (limited RCE).
+(limited DOS) to a [CVSS score of 9.0](https://logging.apache.org/log4j/2.x/security.html) (limited RCE).
+
+**Just trying to patch Log4Shell? Please read our dedicated
+[Mitigation Guide](https://www.lunasec.io/docs/blog/log4j-zero-day-mitigation-guide/).**
 
 ## Context on CVE Timeline