1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-24 17:30:47 +00:00
log4j-affected-db/data/cisagov_S.yml

9188 lines
264 KiB
YAML
Raw Normal View History

---
version: '1.0'
owners:
- name: cisagov
url: https://github.com/cisagov/log4j-affected-db
software:
- vendor: SAE-IT
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: SAFE FME Server
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: SAGE
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.sagecity.com/sage-global-solutions/sage-crm/f/sage-crm-announcements-news-and-alerts/178655/advisory-apache-log4j-vulnerability-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: SailPoint
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681
notes: This advisory is available to customers only and has not been reviewed
by CISA
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Salesforce
product: Analytics Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
2022-01-25 20:31:24 +00:00
notes: Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
product: B2C Commerce Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
2022-01-25 20:31:24 +00:00
notes: B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
product: ClickSoftware (As-a-Service)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
2022-01-25 20:31:24 +00:00
notes: ClickSoftware (As-a-Service) was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to address
the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
product: ClickSoftware (On-Premise)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: ClickSoftware (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046.
2022-01-25 20:31:24 +00:00
Salesforce-owned services and third-party vendors have been patched to address
the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional
details are available here.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
2022-01-25 20:31:24 +00:00
product: Data.com
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
2022-01-25 20:31:24 +00:00
notes: Data.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
2022-01-25 20:31:24 +00:00
product: DataLoader
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-26 23:19:56 +00:00
- '>=53.0.2'
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-26 23:19:56 +00:00
- '>=53.0.2'
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-26 23:12:58 +00:00
- https://github.com/forcedotcom/dataloader/releases/tag/v53.0.2
2022-01-27 16:12:46 +00:00
notes: This version is for use with Salesforce Winter '22 or higher release through
Salesforce Force Partner API and Force WSC v53.0.0. It contains the fix for
CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105 by upgrading to log4j 2.17.0.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
2022-01-25 20:31:24 +00:00
product: Datorama
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-01-28 13:44:32 +00:00
- All
unaffected_versions: []
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions:
2022-01-28 13:44:32 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-25 20:31:24 +00:00
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Datorama was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
2022-01-25 20:31:24 +00:00
product: Evergage (Interaction Studio)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
2022-01-25 20:31:24 +00:00
notes: Evergage (Interaction Studio) was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to address
the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
2022-01-25 20:31:24 +00:00
product: Experience (Community) Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
2022-01-25 20:31:24 +00:00
notes: Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
product: Force.com
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
2022-01-25 20:31:24 +00:00
notes: Force.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046. The Data Loader tool has been
patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
Make sure that you are using Data Loader version 53.0.2 or later. Follow the
steps described here to download the latest version of Data Loader.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
product: Heroku
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
2022-01-26 22:52:20 +00:00
unaffected_versions:
2022-01-27 16:12:46 +00:00
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
2022-01-26 22:52:20 +00:00
unaffected_versions:
2022-01-27 16:12:46 +00:00
- All
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
2022-01-25 20:31:24 +00:00
notes: Heroku is reported to not be affected by the issues currently identified
in CVE-2021-44228 or CVE-2021-45046.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
product: Marketing Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
2022-01-25 20:31:24 +00:00
notes: Salesforce-owned services within Marketing Cloud are not affected by the
issues currently identified in CVE-2021-44228 or CVE-2021-45046. Third-party
vendors have been patched to address the security issues currently identified
in CVE-2021-44228 or CVE-2021-45046.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
product: MuleSoft (Cloud)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
2022-01-25 20:31:24 +00:00
notes: MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046. Mulesoft
services, including dataloader.io, have been updated to mitigate the issues
currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional
details here.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
product: MuleSoft (On-Premise)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046.
2022-01-25 20:31:24 +00:00
Salesforce-owned services and third-party vendors, including Private Cloud Edition
(PCE) and Anypoint Studio, have a mitigation in place to address the issues
currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional
details here.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
product: Pardot
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
2022-01-25 20:31:24 +00:00
notes: Pardot was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
product: Sales Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
2022-01-25 20:31:24 +00:00
notes: Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
product: Service Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
2022-01-25 20:31:24 +00:00
notes: Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
product: Slack
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
2022-01-25 20:31:24 +00:00
notes: Slack was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in both CVE-2021-44228 and CVE-2021-45046. Additional details are
available here.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
product: Social Studio
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
2022-01-25 20:31:24 +00:00
notes: Social Studio was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
product: Tableau (On-Premise)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- < 2021.4.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell
2022-01-25 20:20:04 +00:00
notes: Tableau (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046.
Patches to address the issues currently identified in both CVE-2021-44228 and
2022-01-25 20:31:24 +00:00
CVE-2021-45046 are available for download. Additional details are available
here.
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Salesforce
product: Tableau (Online)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45046:
2022-01-26 22:52:20 +00:00
investigated: true
affected_versions: []
2022-01-26 22:52:20 +00:00
fixed_versions:
2022-01-27 16:12:46 +00:00
- All
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
2022-01-25 20:31:24 +00:00
notes: Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046. Services
have been patched to mitigate the issues currently identified in both CVE-2021-44228
and CVE-2021-45046.
references:
- ''
2022-01-26 22:52:20 +00:00
last_updated: '2022-01-26T00:00:00'
- vendor: Samsung Electronics America
2022-01-24 22:27:28 +00:00
product: Knox Admin Portal
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
2022-01-24 22:27:28 +00:00
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
2022-01-24 22:27:28 +00:00
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
notes: ''
references:
- ''
last_updated: '2022-01-17T00:00:00'
- vendor: Samsung Electronics America
2022-01-24 22:27:28 +00:00
product: Knox Asset Intelligence
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
2022-01-24 22:27:28 +00:00
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
2022-01-24 22:27:28 +00:00
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
notes: ''
references:
- ''
last_updated: '2022-01-17T00:00:00'
- vendor: Samsung Electronics America
2022-01-24 22:27:28 +00:00
product: Knox Configure
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-24 22:27:28 +00:00
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-24 22:27:28 +00:00
- All
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
notes: ''
references:
- ''
last_updated: '2022-01-17T00:00:00'
- vendor: Samsung Electronics America
2022-01-24 22:27:28 +00:00
product: Knox E-FOTA One
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-24 22:27:28 +00:00
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-24 22:27:28 +00:00
- All
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
notes: ''
references:
- ''
last_updated: '2022-01-17T00:00:00'
- vendor: Samsung Electronics America
2022-01-24 22:27:28 +00:00
product: Knox Guard
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-24 22:27:28 +00:00
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-24 22:27:28 +00:00
- All
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
notes: ''
references:
- ''
last_updated: '2022-01-17T00:00:00'
- vendor: Samsung Electronics America
2022-01-24 22:27:28 +00:00
product: Knox License Management
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-24 22:27:28 +00:00
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-24 22:27:28 +00:00
- All
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
notes: ''
references:
- ''
last_updated: '2022-01-17T00:00:00'
- vendor: Samsung Electronics America
2022-01-24 22:27:28 +00:00
product: Knox Manage
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
2022-01-24 22:27:28 +00:00
fixed_versions:
- Cloud
unaffected_versions: []
cve-2021-45046:
investigated: true
affected_versions: []
2022-01-24 22:27:28 +00:00
fixed_versions:
- Cloud
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
notes: ''
references:
- ''
last_updated: '2022-01-17T00:00:00'
- vendor: Samsung Electronics America
product: Knox Managed Services Provider (MSP)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-24 22:27:28 +00:00
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-24 22:27:28 +00:00
- All
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
notes: ''
references:
- ''
last_updated: '2022-01-17T00:00:00'
- vendor: Samsung Electronics America
2022-01-24 22:27:28 +00:00
product: Knox Mobile Enrollment
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-24 22:27:28 +00:00
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-24 22:27:28 +00:00
- All
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
notes: ''
references:
- ''
last_updated: '2022-01-17T00:00:00'
- vendor: Samsung Electronics America
2022-01-24 22:27:28 +00:00
product: Knox Reseller Portal
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
2022-01-24 22:27:28 +00:00
fixed_versions:
- Cloud
unaffected_versions: []
cve-2021-45046:
investigated: true
affected_versions: []
2022-01-24 22:27:28 +00:00
fixed_versions:
- Cloud
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
notes: ''
references:
- ''
last_updated: '2022-01-17T00:00:00'
- vendor: Sangoma
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.sangoma.com/community/s/article/Log4Shell
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: SAP
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-center/sap-tc-01-5025.pdf
notes: This advisory is available to customers only and has not been reviewed
by CISA
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: SAP Advanced Platform
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://launchpad.support.sap.com/#/notes/3130698
notes: This advisory is available to customers only and has not been reviewed
by CISA
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: SAP BusinessObjects
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.sap.com/2021/12/16/cve-2021-44228-impact-of-log4j-vulnerability-on-sap-businessobjects/
notes: The support document is available to customers only and has not been reviewed
by CISA
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: SAS
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.sas.com/content/support/en/security-bulletins/remote-code-execution-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: SASSAFRAS
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.sassafras.com/log4j-vulnerability-cve-2021-44228/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Savignano software solutions
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://savignano.atlassian.net/wiki/spaces/SNOTIFY/blog/2021/12/13/2839740417/No+Log4j+Vulnerability+in+S+Notify
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: SBT
product: SBT
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- <1.5.6
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://github.com/sbt/sbt/releases/tag/v1.5.7
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: ScaleComputing
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.scalecomputing.com/s/article/Apache-Log4j-Vulnerability
notes: This advisory is available to customers only and has not been reviewed
by CISA
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ScaleFusion MobileLock Pro
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.mobilock.in/article/t9sx43yg44-scalefusion-security-advisory-for-apache-log-4-j-vulnerability-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: EASYFIT
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-01-24 22:27:28 +00:00
affected_versions:
- Current software and earlier
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: Ecoreal XL
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-01-24 22:27:28 +00:00
affected_versions:
- Current software and earlier
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-01-24 22:27:28 +00:00
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: EcoStruxure IT Expert
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- Cloud
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-01-24 22:27:28 +00:00
vendor_links: []
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: EcoStruxure IT Gateway
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-01-24 22:27:28 +00:00
- V1.5.0 to V1.13.0
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-01-24 22:27:28 +00:00
vendor_links:
- https://ecostruxureit.com/download-and-set-upecostruxureit-gateway/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: Eurotherm Data Reviewer
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- V3.0.2 and prior
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: Facility Expert Small Business
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-01-24 22:27:28 +00:00
affected_versions: []
fixed_versions:
- Cloud
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: MSE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- Current software and earlier
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: NetBotz750/755
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- Software versions 5.0 through 5.3.0
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: NEW630
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- Current software and earlier
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: SDK BOM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Current software and earlier
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: SDK-Docgen
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Current software and earlier
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: SDK-TNC
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Current software and earlier
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: SDK-UMS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Current software and earlier
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: SDK3D2DRenderer
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Current software and earlier
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: SDK3D360Widget
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Current software and earlier
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: Select and Config DATA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Current software and earlier
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: SNC-API
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Current software and earlier
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: SNC-CMM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Current software and earlier
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: SNCSEMTECH
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Current software and earlier
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: SPIMV3
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Current software and earlier
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: SWBEditor
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Current software and earlier
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: SWBEngine
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Current software and earlier
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.se.com/us/en/download/document/7EN52-0390/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schneider Electric
2022-01-24 22:27:28 +00:00
product: Wiser by SE platform
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-01-24 22:27:28 +00:00
affected_versions: []
fixed_versions:
- Cloud
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-01-24 22:27:28 +00:00
vendor_links: []
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Schweitzer Engineering Laboratories
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://selinc.com/support/security-notifications/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: SCM Manager
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://scm-manager.org/blog/posts/2021-12-13-log4shell/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ScreenBeam
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://customersupport.screenbeam.com/hc/en-us/articles/4416468085389-December-2021-Security-Alert-Log4j-CVE-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: SDL worldServer
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://gateway.sdl.com/apex/communityknowledge?articleName=000017707
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Seagull Scientific
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.seagullscientific.com/hc/en-us/articles/4415794235543-Apache-Log4Shell-Vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: SecurePoint
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.securepoint.de/news/details/sicherheitsluecke-log4j-securepoint-loesungen-nicht-betroffen.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Security Onion
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Securonix
2022-01-24 22:27:28 +00:00
product: Extended Detection and Response (XDR)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: true
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf
notes: Patching ongoing as of 12/10/2021
references:
- ''
last_updated: '2021-12-10T00:00:00'
- vendor: Securonix
product: Next Gen SIEM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf
notes: Patching ongoing as of 12/10/2021
references:
- ''
last_updated: '2021-12-10T00:00:00'
- vendor: Securonix
2022-01-24 22:27:28 +00:00
product: Security Analytics and Operations Platform (SOAR)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf
notes: Patching ongoing as of 12/10/2021
references:
- ''
last_updated: '2021-12-10T00:00:00'
- vendor: Securonix
2022-01-24 22:27:28 +00:00
product: SNYPR Application
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-OnPrem-Customer-Update.pdf
notes: ''
references:
- ''
last_updated: '2021-12-10T00:00:00'
- vendor: Securonix
2022-01-24 22:27:28 +00:00
product: User and Entity Behavior Analytics(UEBA)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf
notes: Patching ongoing as of 12/10/2021
references:
- ''
last_updated: '2021-12-10T00:00:00'
- vendor: Seeburger
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://servicedesk.seeburger.de/portal/en-US/Knowledge/Article/?defId=101040&id=25486312&COMMAND=Open
notes: This advisory is available to customers only and has not been reviewed
by CISA.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: SentinelOne
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.sentinelone.com/blog/cve-2021-44228-staying-secure-apache-log4j-vulnerability/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Sentry
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.sentry.io/2021/12/15/sentrys-response-to-log4j-vulnerability-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: SEP
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.sep.de/otrs/public.pl?Action=PublicFAQZoom;ItemID=132
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Server Eye
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.server-eye.de/blog/sicherheitsluecke-log4j-server-eye-systeme-sind-nicht-betroffen/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ServiceNow
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ServiceTitan
product: ServiceTitan
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- Cloud
unaffected_versions: []
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions:
- Cloud
unaffected_versions: []
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions:
- Cloud
unaffected_versions: []
vendor_links:
- https://security.servicetitan.com/
notes: ''
references:
- ''
last_updated: '2022-02-07T00:00:00'
- vendor: Shibboleth
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- http://shibboleth.net/pipermail/announce/2021-December/000253.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Shibboleth
product: All Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- Identity Provider>=3.0
- All other software versions
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://shibboleth.net/pipermail/announce/2021-December/000253.html
notes: ''
references:
- ''
last_updated: '2021-12-10T00:00:00'
- vendor: Shopify
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Siebel
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Siemens
product: Affected Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
notes: 'Siemens requests: See pdf for the complete list of affected products,
CSAF for automated parsing of data'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens
product: Affected Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf
notes: 'Siemens requests: See pdf for the complete list of affected products,
CSAF for automated parsing of data'
references:
- ''
last_updated: '2021-12-19T00:00:00'
- vendor: Siemens Energy
product: Affected Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf
notes: 'Siemens requests: See pdf for the complete list of affected products,
CSAF for automated parsing of data'
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Siemens Energy
product: Affected Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf
notes: 'Siemens requests: See pdf for the complete list of affected products,
CSAF for automated parsing of data'
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Siemens Energy
product: Affected Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf
notes: 'Siemens requests: See pdf for the complete list of affected products,
CSAF for automated parsing of data'
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Siemens Healthineers
product: ATELLICA DATA MANAGER v1.1.1 / v1.2.1 / v1.3.1
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: If you have determined that your Atellica Data Manager has a “Java communication
engine” service, and you require an immediate mitigation, then please contact
your Siemens Customer Care Center or your local Siemens technical support representative.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: CENTRALINK v16.0.2 / v16.0.3
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: If you have determined that your CentraLink has a “Java communication engine”
service, and you require a mitigation, then please contact your Siemens Customer
Care Center or your local Siemens technical support representative.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
2022-01-24 22:27:28 +00:00
product: Cios Flow S1 / Alpha / Spin VA30
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
2022-01-24 22:27:28 +00:00
notes: evaluation ongoing
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
2022-01-24 22:27:28 +00:00
product: Cios Select FD/I.I. VA21 / VA21-S3P
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: evaluation ongoing
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
2022-01-24 22:27:28 +00:00
product: DICOM Proxy VB10A
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
2022-01-24 22:27:28 +00:00
notes: 'Workaround: remove the vulnerable class from the .jar file'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: go.All, Som10 VA20 / VA30 / VA40
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'Workaround: In the meantime, we recommend preventing access to port 8090
from other devices by configuration of the hospital network.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: go.Fit, Som10 VA30
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'Workaround: In the meantime, we recommend preventing access to port 8090
from other devices by configuration of the hospital network.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: go.Now, Som10 VA10 / VA20 / VA30 / VA40
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'Workaround: In the meantime, we recommend preventing access to port 8090
from other devices by configuration of the hospital network.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: go.Open Pro, Som10 VA30 / VA40
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'Workaround: In the meantime, we recommend preventing access to port 8090
from other devices by configuration of the hospital network.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: go.Sim, Som10 VA30 / VA40
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'Workaround: In the meantime, we recommend preventing access to port 8090
from other devices by configuration of the hospital network.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: go.Top, Som10 VA20 / VA20A_SP5 / VA30 / VA40
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'Workaround: In the meantime, we recommend preventing access to port 8090
from other devices by configuration of the hospital network.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: go.Up, Som10 VA10 / VA20 / VA30 / VA40
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'Workaround: In the meantime, we recommend preventing access to port 8090
from other devices by configuration of the hospital network.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: MAGNETOM AERA 1,5T, MAGNETOM PRISMA, MAGNETOM PRISMA FIT, MAGNETOM SKYRA
3T NUMARIS/X VA30A
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'LOG4J is used in the context of the help system. Workaround: close port
8090 for standalone systems. Setup IP whitelisting for "need to access" systems
to network port 8090 in case a second console is connected.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: MAGNETOM Altea NUMARIS/X VA20A
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'LOG4J is used in the context of the help system. Workaround: close port
8090 for standalone systems. Setup IP whitelisting for "need to access" systems
to network port 8090 in case a second console is connected.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: MAGNETOM ALTEA, MAGNETOM LUMINA, MAGNETOM SOLA, MAGNETOM VIDA NUMARIS/X
VA31A
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'LOG4J is used in the context of the help system. Workaround: close port
8090 for standalone systems. Setup IP whitelisting for "need to access" systems
to network port 8090 in case a second console is connected.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: MAGNETOM Amira NUMARIS/X VA12M
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'LOG4J is used in the context of the help system. Workaround: close port
8090 for standalone systems. Setup IP whitelisting for "need to access" systems
to network port 8090 in case a second console is connected.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: MAGNETOM Free.Max NUMARIS/X VA40
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'LOG4J is used in the context of the help system. Workaround: close port
8090 for standalone systems. Setup IP whitelisting for "need to access" systems
to network port 8090 in case a second console is connected.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: MAGNETOM Lumina NUMARIS/X VA20A
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'LOG4J is used in the context of the help system. Workaround: close port
8090 for standalone systems. Setup IP whitelisting for "need to access" systems
to network port 8090 in case a second console is connected.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: MAGNETOM Sempra NUMARIS/X VA12M
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'LOG4J is used in the context of the help system. Workaround: close port
8090 for standalone systems. Setup IP whitelisting for "need to access" systems
to network port 8090 in case a second console is connected.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: MAGNETOM Sola fit NUMARIS/X VA20A
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'LOG4J is used in the context of the help system. Workaround: close port
8090 for standalone systems. Setup IP whitelisting for "need to access" systems
to network port 8090 in case a second console is connected.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: MAGNETOM Sola NUMARIS/X VA20A
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'LOG4J is used in the context of the help system. Workaround: close port
8090 for standalone systems. Setup IP whitelisting for "need to access" systems
to network port 8090 in case a second console is connected.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: MAGNETOM Vida fit NUMARIS/X VA20A
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'LOG4J is used in the context of the help system. Workaround: close port
8090 for standalone systems. Setup IP whitelisting for "need to access" systems
to network port 8090 in case a second console is connected.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: MAGNETOM Vida NUMARIS/X VA10A* / VA20A
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'LOG4J is used in the context of the help system. Workaround: close port
8090 for standalone systems. Setup IP whitelisting for "need to access" systems
to network port 8090 in case a second console is connected.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
2022-01-24 22:27:28 +00:00
product: SENSIS DMCC / DMCM / TS / VM / PPWS / DS VD12A
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
2022-01-24 22:27:28 +00:00
notes: evaluation ongoing
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
2022-01-24 22:27:28 +00:00
product: Somatom Emotion Som5 VC50
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
2022-01-24 22:27:28 +00:00
notes: evaluation ongoing
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
2022-01-24 22:27:28 +00:00
product: Somatom Scope Som5 VC50
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
2022-01-24 22:27:28 +00:00
notes: evaluation ongoing
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
2022-01-24 22:27:28 +00:00
product: Syngo Carbon Space VA10A / VA10A-CUT2 / VA20A
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
2022-01-24 22:27:28 +00:00
notes: 'Workaround: remove the vulnerable class from the .jar file'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
2022-01-24 22:27:28 +00:00
product: Syngo MobileViewer VA10A
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: The vulnerability will be patch/mitigated in upcoming releases/patches.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
2022-01-24 22:27:28 +00:00
product: syngo Plaza VB20A / VB20A_HF01 - HF07 / VB30A / VB30A_HF01 / VB30A_HF02
/ VB30B / VB30C / VB30C_HF01 - HF06 / VB30C_HF91
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
2022-01-24 22:27:28 +00:00
notes: 'Workaround: remove the vulnerable class from the .jar file'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
2022-01-24 22:27:28 +00:00
product: syngo Workflow MLR VB37A / VB37A_HF01 / VB37A_HF02 / VB37B / VB37B_HF01
- HF07 / VB37B_HF93 / VB37B_HF94 / VB37B_HF96
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
2022-01-24 22:27:28 +00:00
notes: Please contact your Customer Service to get support on mitigating the vulnerability.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
2022-01-24 22:27:28 +00:00
product: syngo.via VB20A / VB20A_HF01 - HF08 / VB20A_HF91 / VB20B / VB30A / VB30A_HF01
- VB30A_HF08 / VB30A_HF91VB30B / VB30B_HF01 / VB40A / VB40A_HF01 - HF02 /VB40B
/ VB40B_HF01 - HF05 / VB50A / VB50A_CUT / VB50A_D4VB50B / VB50B_HF01 - HF03
/ VB60A / VB60A_CUT / VB60A_D4 / VB60A_HF01
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
2022-01-24 22:27:28 +00:00
notes: 'Workaround: remove the vulnerable class from the .jar file'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: syngo.via WebViewer VA13B / VA20A / VA20B
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'Workaround: remove the vulnerable class from the .jar file'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: X.Ceed Somaris 10 VA40*
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'Workaround: In the meantime, we recommend preventing access to port 8090
from other devices by configuration of the hospital network.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens Healthineers
product: X.Cite Somaris 10 VA30*/VA40*
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228
notes: 'Workaround: In the meantime, we recommend preventing access to port 8090
from other devices by configuration of the hospital network.'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Sierra Wireless
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Sierra Wireless
2022-01-24 22:27:28 +00:00
product: AirVantage and Octave cloud platforms
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs
2022-01-24 22:27:28 +00:00
notes: These systems do not operate with the specific non-standard configuration
required for CVE-2021-25046 and hence were not vulnerable to it.
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Sierra Wireless
2022-01-24 22:27:28 +00:00
product: AM/AMM servers
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs
2022-01-24 22:27:28 +00:00
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Signald
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://gitlab.com/signald/signald/-/issues/259
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Silver Peak
product: Orchestrator, Silver Peak GMS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/website/techdocs/sdwan/docs/advisories/media/security_advisory_notice_apache_log4j2_cve_2021_44228.pdf
notes: Customer managed Orchestrator and legacy GMS products are affected by this
vulnerability. This includes on-premise and customer managed instances running
in public cloud services such as AWS, Azure, Google, or Oracle Cloud. See Corrective
Action Required for details about how to mitigate this exploit.
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: SingleWire
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.singlewire.com/s/article/Apache-Log4j2-vulnerability-CVE-2021-44228
notes: This advisory is available to customers only and has not been reviewed
by CISA
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: SISCO
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://sisconet.com/sisco-news/log4j/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Sitecore
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1001391
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Skillable
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://skillable.com/log4shell/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: SLF4J
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- http://slf4j.org/log4shell.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Slurm
product: Slurm
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 20.11.8
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://slurm.schedmd.com/documentation.html
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: SMA Solar Technology AG
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://files.sma.de/downloads/HK_Log4j-en-10.pdf?_ga=2.237963714.352491368.1640298543-2015796445.1640298540
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: SmartBear
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://smartbear.com/security/cve-2021-44228/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: SmileCDR
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
2022-01-24 22:27:28 +00:00
- vendor: Sn0m
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: false
affected_versions: []
fixed_versions: []
2022-01-24 22:27:28 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://www.snom.com/en/press/log4j-poses-no-threat-snom-phones/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
2022-01-24 22:27:28 +00:00
- vendor: Snakemake
product: Snakemake
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-01-24 22:27:28 +00:00
unaffected_versions:
- 6.12.1
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://snakemake.readthedocs.io/en/stable/
notes: ''
references:
- ''
2022-01-24 22:27:28 +00:00
last_updated: '2021-12-21T00:00:00'
- vendor: Snow Software
product: Snow Commander
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 8.1 to 8.10.2
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.snowsoftware.com/s/feed/0D5690000B4U6hUCQS
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Snow Software
product: VM Access Proxy
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- v3.1 to v3.6
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.snowsoftware.com/s/feed/0D5690000B4U6hUCQS
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Snowflake
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.snowflake.com/s/article/No-Snowflake-exposure-to-Apache-Log4j-vulnerability-CVE-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Snyk
product: Cloud Platform
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://updates.snyk.io/snyk%27s-cloud-platform-all-clear-from-log4j-exploits-216499
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Software AG
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://tech.forums.softwareag.com/t/log4j-zero-day-vulnerability/253849
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: SolarWinds
product: Database Performance Analyzer (DPA)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 2021.1.x
- 2021.3.x
- 2022.1.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228
notes: 'For more information, please see the following KB article: [link](https://support.solarwinds.com/SuccessCenter/s/article/Database-Performance-Analyzer-DPA-and-the-Apache-Log4j-Vulnerability-CVE-2021-44228?language=en_US)'
references:
- ''
last_updated: '2021-12-23T00:00:00'
- vendor: SolarWinds
product: Orion Platform
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-23T00:00:00'
- vendor: SolarWinds
product: Server & Application Monitor (SAM)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- SAM 2020.2.6 and later
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228
notes: 'For more information, please see the following KB article for the latest
details specific to the SAM hotfix: [link](https://support.solarwinds.com/SuccessCenter/s/article/Server-Application-Monitor-SAM-and-the-Apache-Log4j-Vulnerability-CVE-2021-44228?language=en_US)'
references:
- ''
last_updated: '2021-12-23T00:00:00'
- vendor: SonarSource
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Sonatype
product: All Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All Versions
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.sonatype.com/docs/important-announcements/sonatype-product-log4j-vulnerability-status
notes: Sonatype uses logback as the default logging solution as opposed to log4j.
This means our software including Nexus Lifecycle, Nexus Firewall, Nexus Repository
OSS and Nexus Repository Pro in versions 2.x and 3.x are NOT affected by the
reported log4j vulnerabilities. We still advise keeping your software upgraded
at the latest version.
references:
- ''
last_updated: '2021-12-29T00:00:00'
- vendor: SonicWall
2022-01-24 22:27:28 +00:00
product: Access Points
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
2022-01-24 22:27:28 +00:00
notes: Log4j2 not used in the SonicWall Access Points
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
2022-01-24 22:27:28 +00:00
product: Analytics
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
2022-01-24 22:27:28 +00:00
notes: Under Review
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
2022-01-24 22:27:28 +00:00
product: Analyzer
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
notes: Under Review
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
2022-01-24 22:27:28 +00:00
product: Capture Client & Capture Client Portal
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
2022-01-24 22:27:28 +00:00
notes: Log4j2 not used in the Capture Client.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
product: Capture Security Appliance
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
notes: Log4j2 not used in the Capture Security appliance.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
product: CAS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
notes: Under Review
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
product: Email Security
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
notes: ES 10.0.11 and earlier versions are impacted
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: SonicWall
product: Gen5 Firewalls (EOS)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
notes: Log4j2 not used in the appliance.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
product: Gen6 Firewalls
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
notes: Log4j2 not used in the appliance.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
product: Gen7 Firewalls
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
notes: Log4j2 not used in the appliance.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
product: GMS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
notes: Under Review
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
product: MSW
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
notes: Mysonicwall service doesn't use Log4j
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
product: NSM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
notes: NSM On-Prem and SaaS doesn't use a vulnerable version
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
product: SMA 100
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
notes: Log4j2 not used in the SMA100 appliance.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
product: SMA 1000
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
notes: Version 12.1.0 and 12.4.1 doesn't use a vulnerable version
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
product: SonicCore
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
notes: SonicCore doesn't use a Log4j2
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
product: SonicWall Switch
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
notes: Log4j2 not used in the SonicWall Switch.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
product: WAF
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
notes: Under Review
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
product: WNM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
notes: Log4j2 not used in the WNM.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SonicWall
product: WXA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
notes: WXA doesn't use a vulnerable version
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Sophos
product: Cloud Optix
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce
notes: Users may have noticed a brief outage around 12:30 GMT as updates were
deployed. There was no evidence that the vulnerability was exploited and to
our knowledge no customers are impacted.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Sophos
product: Reflexion
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce
notes: Reflexion does not run an exploitable configuration.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Sophos
product: SG UTM (all versions)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce
notes: Sophos SG UTM does not use Log4j.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Sophos
product: SG UTM Manager (SUM) (all versions)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All versions
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce
notes: SUM does not use Log4j.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Sophos
product: Sophos Central
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce
notes: Sophos Central does not run an exploitable configuration.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Sophos
product: Sophos Firewall (all versions)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce
notes: Sophos Firewall does not use Log4j.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Sophos
product: Sophos Home
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce
notes: Sophos Home does not use Log4j.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Sophos
product: Sophos Mobile
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce
notes: Sophos Mobile (in Central, SaaS, and on-premises) does not run an exploitable
configuration.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Sophos
product: Sophos Mobile EAS Proxy
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 9.7.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce
notes: The Sophos Mobile EAS Proxy, running in Traffic Mode, is affected. Customers
will need to download and install version 9.7.2, available from Monday December
13, 2021, on the same machine where it is currently running. PowerShell mode
is not affected. Customers can download the Standalone EAS Proxy Installer version
9.7.2 from the Sophos website.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Sophos
product: Sophos ZTNA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce
notes: Sophos ZTNA does not use Log4j.
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: SOS Berlin
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.sos-berlin.com/en/news-mitigation-log4j-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: ABP
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-24 22:27:28 +00:00
- OnTrak
- 90217A
- and 90207
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: CardioExpress
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-01-24 22:27:28 +00:00
unaffected_versions:
- SL6A
- SL12A
- and SL18A
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: DM3 and DM4 Monitors
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: Eclipse Pro
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: false
affected_versions: []
fixed_versions: []
2022-01-24 22:27:28 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: EVO
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: false
affected_versions: []
fixed_versions: []
2022-01-24 22:27:28 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: Intesys Clinical Suite (ICS)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: false
affected_versions: []
fixed_versions: []
2022-01-24 22:27:28 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: Intesys Clinical Suite (ICS) Clinical Access Workstations
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: false
affected_versions: []
fixed_versions: []
2022-01-24 22:27:28 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: Lifescreen Pro
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: false
affected_versions: []
fixed_versions: []
2022-01-24 22:27:28 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: Pathfinder SL
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: false
affected_versions: []
fixed_versions: []
2022-01-24 22:27:28 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: Qube
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-01-24 22:27:28 +00:00
unaffected_versions:
- '91390'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: Qube Mini
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-01-24 22:27:28 +00:00
unaffected_versions:
- '91389'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: SafeNSound
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: true
affected_versions: []
2022-01-24 22:27:28 +00:00
fixed_versions:
- 4.3.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
2022-01-24 22:27:28 +00:00
notes: Version >4.3.1 - Not Affected
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: Sentinel
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: Spacelabs Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: Ultraview SL
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-01-24 22:27:28 +00:00
unaffected_versions:
- '91367'
- '91369'
- '91370'
- and 91387
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: Xhibit Telemetry Receiver (XTR)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-24 22:27:28 +00:00
- '96280'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: Xhibit, XC4
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-24 22:27:28 +00:00
- Xhibit 96102
- XC4 96501
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: XprezzNet
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-01-24 22:27:28 +00:00
unaffected_versions:
- '96190'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spacelabs Healthcare
2022-01-24 22:27:28 +00:00
product: Xprezzon
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
2022-01-24 22:27:28 +00:00
fixed_versions: []
unaffected_versions:
- '91393'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
2022-01-24 22:27:28 +00:00
notes: ''
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: Spambrella
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spambrella.com/faq/status-of-spambrella-products-with-cve-2021-44228/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Spigot
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.spigotmc.org/threads/spigot-security-releases-%E2%80%94-1-8-8%E2%80%931-18.537204/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Splunk
2022-01-24 22:27:28 +00:00
product: Data Stream Processor
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- DSP 1.0.x
- DSP 1.1.x
- DSP 1.2.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
2022-01-24 22:27:28 +00:00
product: IT Essentials Work [App ID 5403](https://splunkbase.splunk.com/app/5403/)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- '4.11'
- 4.10.x (Cloud only)
- 4.9.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
2022-01-24 22:27:28 +00:00
product: IT Service Intelligence (ITSI) [App ID 1841](https://splunkbase.splunk.com/app/1841/)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- 4.11.0
- 4.10.x (Cloud only)
- 4.9.x
- 4.8.x (Cloud only)
- 4.7.x
- 4.6.x
- 4.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
2022-01-24 22:27:28 +00:00
product: Splunk Add-On for Java Management Extensions [App ID 2647](https://splunkbase.splunk.com/app/2647)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- 5.2.0 and older
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
2022-01-24 22:27:28 +00:00
product: Splunk Add-On for Tomcat [App ID 2911](https://splunkbase.splunk.com/app/2911/)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- 3.0.0 and older
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
2022-01-24 22:27:28 +00:00
product: Splunk Application Performance Monitoring
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- Current
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
product: Splunk Connect for Kafka
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- All versions prior to 2.0.4
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
product: Splunk Enterprise (including instance types like Heavy Forwarders)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- All supported non-Windows versions of 8.1.x and 8.2.x only if DFS is used.
See Removing Log4j from Splunk Enterprise below for guidance on unsupported
versions.
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
product: Splunk Enterprise Amazon Machine Image (AMI)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- See Splunk Enterprise
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
product: Splunk Enterprise Docker Container
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- See Splunk Enterprise
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
2022-01-24 22:27:28 +00:00
product: Splunk Infrastructure Monitoring
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- Current
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
2022-01-24 22:27:28 +00:00
product: Splunk Log Observer
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- Current
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
2022-01-24 22:27:28 +00:00
product: Splunk Logging Library for Java
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- 1.11.0 and older
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
2022-01-24 22:27:28 +00:00
product: Splunk On-call / VictorOps
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- Current
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
2022-01-24 22:27:28 +00:00
product: Splunk OVA for VMWare [App ID 3216](https://splunkbase.splunk.com/app/3216/)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- 4.0.3 and older
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
2022-01-24 22:27:28 +00:00
product: Splunk OVA for VMWare Metrics [App ID 5096](https://splunkbase.splunk.com/app/5096/)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- 4.2.1 and older
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
2022-01-24 22:27:28 +00:00
product: Splunk Real User Monitoring
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Current
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
2022-01-24 22:27:28 +00:00
product: Splunk Splunk Add-On for JBoss [App ID 2954](https://splunkbase.splunk.com/app/2954/)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- 3.0.0 and older
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
2022-01-24 22:27:28 +00:00
product: Splunk Synthetics
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Current
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
2022-01-24 22:27:28 +00:00
product: Splunk UBA OVA Software
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- 5.0.3a
- 5.0.0
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Splunk
2022-01-24 22:27:28 +00:00
product: Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- 1.1.1 and older
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2021-12-30T08:20:00-08:00'
- vendor: Sprecher Automation
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.sprecher-automation.com/en/it-security/security-alerts
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Spring
product: Spring Boot
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot
notes: Spring Boot users are only affected by this vulnerability if they have
switched the default logging system to Log4J2
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Spring Boot
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: StarDog
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.stardog.com/t/stardog-7-8-1-available/3411
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: STERIS
product: Advantage
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
product: Advantage Plus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: AMSCO 2000 SERIES WASHER DISINFECTORS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: AMSCO 3000 SERIES WASHER DISINFECTORS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: AMSCO 400 MEDIUM STEAM STERILIZER
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: AMSCO 400 SMALL STEAM STERILIZERS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: AMSCO 5000 SERIES WASHER DISINFECTORS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: AMSCO 600 MEDIUM STEAM STERILIZER
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: AMSCO 7000 SERIES WASHER DISINFECTORS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: AMSCO CENTURY MEDIUM STEAM STERILIZER
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: AMSCO CENTURY SMALL STEAM STERILIZER
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: AMSCO EAGLE 3000 SERIES STAGE 3 STEAM STERILIZERS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: AMSCO EVOLUTION FLOOR LOADER STEAM STERILIZER
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: AMSCO EVOLUTION MEDIUM STEAM STERILIZER
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: Canexis 1.0
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: CELERITY HP INCUBATOR
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: CELERITY STEAM INCUBATOR
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: CER Optima
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: Clarity Software
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: Connect Software
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: ConnectAssure Technology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: ConnectoHIS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: CS-iQ Sterile Processing Workflow
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: DSD Edge
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: DSD-201,
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: EndoDry
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: Endora
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: Harmony iQ Integration Systems
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: Harmony iQ Perspectives Image Management System
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: HexaVue
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: HexaVue Integration System
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: IDSS Integration System
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: RapidAER
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: ReadyTracker
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: RealView Visual Workflow Management System
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: RELIANCE 444 WASHER DISINFECTOR
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: RELIANCE SYNERGY WASHER DISINFECTOR
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: RELIANCE VISION 1300 SERIES CART AND UTENSIL WASHER DISINFECTORS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: RELIANCE VISION MULTI- CHAMBER WASHER DISINFECTOR
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: RELIANCE VISION SINGLE CHAMBER WASHER DISINFECTOR
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: Renatron
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: ScopeBuddy+
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: SecureCare ProConnect Technical Support Services
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: Situational Awareness for Everyone Display (S.A.F.E.)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: SPM Surgical Asset Tracking Software
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: SYSTEM 1 endo LIQUID CHEMICAL STERILANT PROCESSING SYSTEM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: V-PRO 1 LOW TEMPERATURE STERILIZATION SYSTEM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: V-PRO 1 PLUS LOW TEMPERATURE STERILIZATION SYSTEM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: V-PRO MAX 2 LOW TEMPERATURE STERILIZATION SYSTEM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: V-PRO MAX LOW TEMPERATURE STERILIZATION SYSTEM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: V-PRO S2 LOW TEMPERATURE STERILIZATION SYSTEM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: STERIS
2022-01-24 22:27:28 +00:00
product: VERIFY INCUBATOR FOR ASSERT SELF-CONTAINED BIOLOGICAL INDICATORS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Sterling Order IBM
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.ibm.com/support/pages/node/6525544
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Storagement
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.storagement.de/index.php?action=topicofthemonth&site=log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: StormShield
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.stormshield.com/news/log4shell-security-alert-stormshield-product-response/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: StrangeBee TheHive & Cortex
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.strangebee.com/apache-log4j-cve-2021-44228/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Stratodesk
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- http://cdn.stratodesk.com/repository/notouch-center/10/4.5.231/0/ReleaseNotes-Stratodesk-NoTouch_Center-4.5.231.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Strimzi
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://strimzi.io/blog/2021/12/14/strimzi-and-log4shell/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Stripe
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.stripe.com/questions/update-for-apache-log4j-vulnerability-(cve-2021-44228)
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Styra
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.styra.com/blog/newest-log4j-security-vulnerability-cve-2021-44228-log4shell
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Sumologic
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://docs.google.com/document/d/e/2PACX-1vSdeODZ2E5k0aZgHm06OJWhDQWgtxxB0ZIrTsuQjg5xaoxlogmTVGdOWoSFtDlZBdHzY6ET6k6Sk-g1/pub
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: SumoLogic
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.sumologic.com/Release-Notes/Collector-Release-Notes#december-11-2021-19-361-12
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Superna EYEGLASS
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://manuals.supernaeyeglass.com/project-technical-advisories-all-products/HTML/technical-advisories.html#h2__1912345025
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Suprema Inc
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.supremainc.com/en/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: SUSE
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.suse.com/c/suse-statement-on-log4j-log4shell-cve-2021-44228-vulnerability/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Sweepwidget
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://sweepwidget.com/view/23032-v9f40ns1/4zow83-23032
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Swyx
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://service.swyx.net/hc/de/articles/4412323539474
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Synchro MSP
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.syncromsp.com/t/log4j-rce-cve-2021-4428/1350
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Syncplify
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.syncplify.com/no-we-are-not-affected-by-log4j-vulnerability/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Synology
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.synology.com/en-global/security/advisory/Synology_SA_21_30
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Synopsys
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.synopsys.com/s/article/SIG-Security-Advisory-for-Apache-Log4J2-CVE-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Syntevo
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.syntevo.com/blog/?p=5240
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: SysAid
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.sysaid.com/lp/important-update-regarding-apache-log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Sysdig
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://sysdig.com/blog/cve-critical-vulnerability-log4j/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
2022-01-25 20:20:04 +00:00
...