1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-22 16:40:48 +00:00
log4j-affected-db/data/cisagov_W.yml

691 lines
19 KiB
YAML
Raw Normal View History

---
version: '1.0'
owners:
- name: cisagov
url: https://github.com/cisagov/log4j-affected-db
software:
- vendor: WAGO
product: WAGO Smart Script
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 4.2.x < 4.8.1.3
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.wago.com/de/automatisierungstechnik/psirt#log4j
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Wallarm
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://lab.wallarm.com/cve-2021-44228-mitigation-update/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Wasp Barcode technologies
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.waspbarcode.com/kb/articles/assetcloud-inventorycloud-are-they-affected-by-the-java-exploit-log4j-no
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WatchGuard
product: Secplicity
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.secplicity.org/2021/12/10/critical-rce-vulnerability-in-log4js/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Western Digital
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.westerndigital.com/support/product-security/wdc-21016-apache-log4j-2-remote-code-execution-vulnerability-analysis
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WIBU Systems
2022-01-24 22:27:28 +00:00
product: CodeMeter Cloud Lite
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- 2.2 and prior
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf
2022-01-24 22:27:28 +00:00
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: WIBU Systems
2022-01-24 22:27:28 +00:00
product: CodeMeter Keyring for TIA Portal
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-01-24 22:27:28 +00:00
- 1.30 and prior
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf
2022-01-24 22:27:28 +00:00
notes: Only the Password Manager is affected
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Wind River
2022-01-25 19:58:48 +00:00
product: LTS17
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
2022-01-25 19:58:48 +00:00
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
2022-01-25 19:58:48 +00:00
product: LTS18
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
2022-01-25 19:58:48 +00:00
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
2022-01-25 19:58:48 +00:00
product: LTS19
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
2022-01-25 19:58:48 +00:00
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
2022-01-25 19:58:48 +00:00
product: LTS21
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
2022-01-25 19:58:48 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Wind River
2022-01-25 19:58:48 +00:00
product: WRL-6
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
2022-01-25 19:58:48 +00:00
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
and JMSAppender components, however, JMSAppender is deactivated in the release
package and not affected by CVE-2021-4104 customers are advised to NOT manually
activate the JMSAppender component.
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
2022-01-25 19:58:48 +00:00
product: WRL-7
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
2022-01-25 19:58:48 +00:00
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
and JMSAppender components, however, JMSAppender is deactivated in the release
package and not affected by CVE-2021-4104 customers are advised to NOT manually
activate the JMSAppender component.
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
2022-01-25 19:58:48 +00:00
product: WRL-8
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
2022-01-25 19:58:48 +00:00
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
and JMSAppender components, however, JMSAppender is deactivated in the release
package and not affected by CVE-2021-4104 customers are advised to NOT manually
activate the JMSAppender component.
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
2022-01-25 19:58:48 +00:00
product: WRL-9
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-25 19:58:48 +00:00
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
2022-01-25 19:58:48 +00:00
last_updated: '2022-01-21T00:00:00'
- vendor: WireShark
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://gitlab.com/wireshark/wireshark/-/issues/17783
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Wistia
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://status.wistia.com/incidents/jtg0dfl5l224
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WitFoo
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.witfoo.com/blog/emergency-update-for-cve-2021-44228-log4j/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WordPress
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://wordpress.org/support/topic/is-the-log4j-vulnerability-an-issue/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Worksphere
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.worksphere.com/product/security-update-on-log4j-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Wowza
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.wowza.com/docs/known-issues-with-wowza-streaming-engine#log4j2-cve
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WSO2
product: WSO2 Enterprise Integrator
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.1.0 and above
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://docs.wso2.com/pages/viewpage.action?pageId=180948677
notes: A temporary mitigation is available while vendor works on update
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
...