diff --git a/src/main/java/org/dependencytrack/resources/v1/vo/AffectedComponent.java b/src/main/java/org/dependencytrack/resources/v1/vo/AffectedComponent.java
index e4decc8ac..4afff4a77 100644
--- a/src/main/java/org/dependencytrack/resources/v1/vo/AffectedComponent.java
+++ b/src/main/java/org/dependencytrack/resources/v1/vo/AffectedComponent.java
@@ -96,15 +96,18 @@ public AffectedComponent(final VulnerableSoftware vs) {
 LOGGER.warn("Error assembling PURL", e);
 }
 }
- if (vs.getVersion() != null) {
- versionType = VersionType.EXACT;
- version = vs.getVersion();
- } else {
+ if (vs.getVersionStartIncluding() != null
+ || vs.getVersionStartExcluding() != null
+ || vs.getVersionEndIncluding() != null
+ || vs.getVersionEndExcluding() != null) {
 versionType = VersionType.RANGE;
 versionEndExcluding = vs.getVersionEndExcluding();
 versionEndIncluding = vs.getVersionEndIncluding();
 versionStartExcluding = vs.getVersionStartExcluding();
 versionStartIncluding = vs.getVersionStartIncluding();
+ } else if (vs.getVersion() != null) {
+ versionType = VersionType.EXACT;
+ version = vs.getVersion();
 }
 if (vs.getAffectedVersionAttributions() != null) {
 affectedVersionAttributions = vs.getAffectedVersionAttributions();
diff --git a/src/test/java/org/dependencytrack/resources/v1/vo/AffectedComponentTest.java b/src/test/java/org/dependencytrack/resources/v1/vo/AffectedComponentTest.java
index c2207f37d..93d2bc335 100644
--- a/src/test/java/org/dependencytrack/resources/v1/vo/AffectedComponentTest.java
+++ b/src/test/java/org/dependencytrack/resources/v1/vo/AffectedComponentTest.java
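Review bot: The reason a range now wins over an exact version is only recorded in the test file, not at the branch that implements it; a reader of the constructor will wonder why an explicitly set `version` is discarded. I would put the rationale on the new `if`: `// A range takes precedence: CPEs that declare a range carry a "*" version wildcard, which is not an exact version.` Note that with the new ordering a VulnerableSoftware whose version is "*" but which declares no range still surfaces as `EXACT` with version "*" — if that combination can reach this constructor (I cannot tell from the hunk), consumers matching on `EXACT` would be handed a wildcard as if it were a concrete version, so it may deserve its own handling or at least a comment stating it is intentional. The constructor starts before and continues past this hunk.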
@@ -172,6 +172,24 @@ public void shouldUseVersionRangeWhenAvailable() {
 assertThat(affectedComponent.getVersionEndExcluding()).isEqualTo("qux");
 }
 
+ @Test
+ public void shouldUseVersionRangeWhenBothRangeAndExactVersionAreAvailable() {
+ final var vs = new VulnerableSoftware();
+ vs.setVersion("*"); // CPEs will have a version wildcard when ranges are defined
+ vs.setVersionStartIncluding("foo");
+ vs.setVersionStartExcluding("bar");
+ vs.setVersionEndIncluding("baz");
+ vs.setVersionEndExcluding("qux");
+
+ final var affectedComponent = new AffectedComponent(vs);
+ assertThat(affectedComponent.getVersionType()).isEqualTo(AffectedComponent.VersionType.RANGE);
+ assertThat(affectedComponent.getVersion()).isNull();
+ assertThat(affectedComponent.getVersionStartIncluding()).isEqualTo("foo");
+ assertThat(affectedComponent.getVersionStartExcluding()).isEqualTo("bar");
+ assertThat(affectedComponent.getVersionEndIncluding()).isEqualTo("baz");
+ assertThat(affectedComponent.getVersionEndExcluding()).isEqualTo("qux");
+ }
+
 @Test
 public void shouldMapAffectedPackageAttribution() {
 final var vs = new VulnerableSoftware();
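Review bot: The new test covers the "range plus wildcard" case but not the case the reordered branch leaves open — a version of "*" with no range bounds set, which the new constructor logic will report as `EXACT` with version "*". Whether that is the intended result or should be rejected is a product decision, but either way it is worth pinning with a companion test (e.g. `shouldReportExactWhenOnlyWildcardVersionIsSet`) so the behaviour is deliberate rather than accidental. A single range bound, such as only `setVersionEndExcluding("qux")`, would also be a cheaper way to exercise the new precedence than setting all four bounds at once, though the four-bound form does check that every field is copied.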