Jack, The CVSS Base Score is reduced when calculated against the CVSS Temporal and Environmental Metrics. https://www.tenable.com/plugins/nessus/173260 should be amended to state that 1.1.1u is not available yet. On Tue, 4 Apr 2023 at 23:16, Joslin, Jack via openssl-users <openssl-users@xxxxxxxxxxx> wrote: > Plugin Plugin Name Severity Plugin Output Solution Risk Factor CVE > 173260 OpenSSL 1.1.1 < 1.1.1u Multiple Vulnerabilities Medium Plugin Output: > Banner : Apache/2.4.56 (Unix) OpenSSL/1.1.1t mod_perl/2.0.9 Perl/v5.8.8 > Reported version : 1.1.1t > Fixed version : 1.1.1u Upgrade to OpenSSL version 1.1.1u or later. Medium CVE-2023-0464, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466 -- Regards, Christian Heinrich http://cmlh.id.au/contact
