mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-10-31 22:28:26 +00:00
55 lines
6.6 KiB
Markdown
55 lines
6.6 KiB
Markdown
|
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
|
||
|
|
||
|
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
|
||
|
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
|
||
|
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
|
||
|
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
|
||
|
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
|
||
|
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
|
||
|
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
|
||
|
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
|
||
|
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
|
||
|
|
||
|
## Status Descriptions ##
|
||
|
|
||
|
| Status | Description |
|
||
|
| ------ | ----------- |
|
||
|
| Unknown | Status unknown. Default choice. |
|
||
|
| Affected | Reported to be affected by CVE-2021-44228. |
|
||
|
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
|
||
|
| Fixed | Patch and/or mitigations available (see provided links). |
|
||
|
| Under Investigation | Vendor investigating status. |
|
||
|
|
||
|
## Software List ##
|
||
|
|
||
|
This list has been populated using information from the following sources:
|
||
|
|
||
|
- Kevin Beaumont
|
||
|
- SwitHak
|
||
|
- National Cyber Security Centre - Netherlands (NCSC-NL)
|
||
|
|
||
|
NOTE: This file is automatically generated. To submit updates, please refer to
|
||
|
[`CONTRIBUTING.md`](CONTRIBUTING.md).
|
||
|
|
||
|
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
|
||
|
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
|
||
|
| Yahoo | Vespa | | | Not Affected | [link](https://blog.vespa.ai/log4j-vulnerability/) | Your Vespa application may still be affected if log4j is included in your application package. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||
|
| Yellowbrick | | | | Unknown | [link](https://support.yellowbrick.com/hc/en-us/articles/4412586575379-Security-Advisory-Yellowbrick-is-NOT-Affected-by-the-Log4Shell-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||
|
| YellowFin | All | | 8.0.10.3, 9.7.0.2 | Fixed | [link](https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2) | v7 and v6 releases are not affected unless you have manually upgraded to Log4j2. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||
|
| Yenlo | Connext | | | Not Affected | [link](https://www.yenlo.com/news/vulnerability-code-log4shell-log4j2/) | Connext Platform (Managed WSO2 Cloud) and all underlying middleware components are not vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||
|
| YOKOGAWA | CENTUM VP | | | Unknown | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||
|
| YOKOGAWA | CENTUM VP (other components) | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier is still under investigation. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||
|
| YOKOGAWA | CI Server | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||
|
| YOKOGAWA | Exaopc | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||
|
| YOKOGAWA | Exaplog | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||
|
| YOKOGAWA | Exaquantum | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||
|
| YOKOGAWA | FAST/TOOLS | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||
|
| YOKOGAWA | PRM | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||
|
| YOKOGAWA | ProSafe-RS | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||
|
| YOKOGAWA | ProSafe-RS Lite | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||
|
| YOKOGAWA | STARDOM | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||
|
| YOKOGAWA | VTSPortal | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||
|
| YSoft | SAFEQ 4 | | | Not Affected | [link](https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 |
|
||
|
| YSoft | SAFEQ 5 | | | Not Affected | [link](https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 |
|
||
|
| YSoft | SAFEQ 6 | | <=6.0.63 | Fixed | [link](https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 |
|