1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-14 12:57:55 +00:00
log4j-affected-db/data/cisagov_A.yml

10494 lines
292 KiB
YAML
Raw Normal View History

---
version: '1.0'
owners:
- name: cisagov
url: https://github.com/cisagov/log4j-affected-db
software:
- vendor: ABB
product: AlarmInsight Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://library.e.abb.com/public/33d17fce257142a9bc12de09d5b03e4f/9ADB012621_CyberSecurityNotification_Log4Shell_Vulnerabilities_RevE.pdf?x-sign=FsPI10PMyN3QM7OoR2bIwFRdFmC/BCX+5CZVPKdq2/rx0Nh8iHMAwluUVEaTFDjt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ABB
product: B&R Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://library.e.abb.com/public/33d17fce257142a9bc12de09d5b03e4f/9ADB012621_CyberSecurityNotification_Log4Shell_Vulnerabilities_RevE.pdf?x-sign=FsPI10PMyN3QM7OoR2bIwFRdFmC/BCX+5CZVPKdq2/rx0Nh8iHMAwluUVEaTFDjt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ABB
product: Remote Service
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://library.e.abb.com/public/33d17fce257142a9bc12de09d5b03e4f/9ADB012621_CyberSecurityNotification_Log4Shell_Vulnerabilities_RevE.pdf?x-sign=FsPI10PMyN3QM7OoR2bIwFRdFmC/BCX+5CZVPKdq2/rx0Nh8iHMAwluUVEaTFDjt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Abbott
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.abbott.com/policies/cybersecurity/apache-Log4j.html
notes: Details are shared with customers with an active RAP subscription.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Abbott
product: GLP Track System
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- Track Sample Manager (TSM)
- Track Workflow Manager (TWM)
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.abbott.com/policies/cybersecurity/apache-Log4j.html
2022-02-11 19:11:34 +00:00
notes: Abbott will provide a fix for this in a future update expected in January
2022.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Abnormal Security
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://abnormalsecurity.com/blog/attackers-use-email-log4j-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accellence Technologies
product: EBÜS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- All
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accellence.de/en/articles/cve-2021-44228-62
2022-02-11 19:11:34 +00:00
notes: EBÜS itself is not vulnerable to CVE-2021-44228. Although it includes several
3rd-party software setups, which may be affected.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accellence Technologies
product: Vimacc
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accellence.de/en/articles/cve-2021-44228-62
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accellion
product: Kiteworks
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- v7.6 release
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.kiteworks.com/kiteworks-news/log4shell-apache-vulnerability-what-kiteworks-customers-need-to-know/
2022-02-11 19:11:34 +00:00
notes: As a precaution, Kiteworks released a 7.6.1 Hotfix software update to address
the vulnerability. This patch release adds the mitigation for CVE-2021-44228
contained in the Solr package as recommended by Apache Solr group. Specifically,
it updates the Log4j library to a non-vulnerable version on CentOS 7 systems
as well as adds the recommended option “$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true"
to disable the possible attack vector on both CentOS 6 and CentOS 7.
references:
- ''
last_updated: '2021-12-16T00:00:00'
2022-02-10 18:44:58 +00:00
- vendor: Accruent
product: Analytics
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Asset Enterprise
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: BigCenter
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: EMS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Evoco
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Expesite
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Famis 360
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Lucernex
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Maintenance Connection
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Meridian
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Single Sign On (SSO, Central Auth)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: SiteFM3
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: SiteFM4
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Siterra
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: TMS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: VxField
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: VxMaintain
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: VxObserve
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: VxSustain
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acquia
2022-02-10 18:29:02 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.acquia.com/hc/en-us/articles/4415823329047-Apache-log4j-CVE-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
2022-02-11 12:47:37 +00:00
product: Backup
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- '11.7'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: Cyber Backup
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- '12.5'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: Cyber Files
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- 8.6.2 onwards
2022-02-11 12:47:37 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: Cyber Infrastructure
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- '3.5'
2022-02-11 19:11:34 +00:00
- 4.x
2022-02-11 12:47:37 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: Cyber Protect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- '15'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: Cyber Protection Home Office
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 12:47:37 +00:00
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- 2017 onwards
2022-02-11 12:47:37 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: DeviceLock DLP
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-02-11 12:47:37 +00:00
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- '9.0'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: Files Connect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- 10.7 onwards
2022-02-11 12:47:37 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: MassTransit
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- '8.1'
- '8.2'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: Snap Deploy
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- '5'
- '6'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ActiveState
2022-02-11 12:47:37 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.activestate.com/blog/activestate-statement-java-log4j-vulnerability/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
2022-02-11 12:53:48 +00:00
- vendor: Acunetix
product: '360'
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- All
2022-02-11 12:53:48 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acunetix
product: Agents
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- All
2022-02-11 12:53:48 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acunetix
product: Application
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- All
2022-02-11 12:53:48 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acunetix
product: IAST - ASP.NET
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- All
2022-02-11 12:53:48 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acunetix
2022-02-11 19:11:34 +00:00
product: IAST - NodeJS
2022-02-11 12:53:48 +00:00
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
2022-02-11 19:11:34 +00:00
fixed_versions: []
unaffected_versions:
- All
2022-02-11 12:53:48 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/
2022-02-11 19:11:34 +00:00
notes: ''
2022-02-11 12:53:48 +00:00
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acunetix
2022-02-11 19:11:34 +00:00
product: IAST - PHP
2022-02-11 12:53:48 +00:00
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- All
2022-02-11 12:53:48 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acunetix
2022-02-11 19:11:34 +00:00
product: IAST-Java
2022-02-11 12:53:48 +00:00
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
2022-02-11 19:11:34 +00:00
fixed_versions:
- All
unaffected_versions: []
2022-02-11 12:53:48 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/
2022-02-11 19:11:34 +00:00
notes: AcuSensor IAST module needs attention.
2022-02-11 12:53:48 +00:00
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adaptec
2022-02-11 12:53:48 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://ask.adaptec.com/app/answers/detail/a_id/17523/kw/log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Addigy
2022-02-11 12:53:48 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://addigy.com/blog/addigy-and-apaches-log4j2-cve-2021-44228-status/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adeptia
2022-02-11 12:57:17 +00:00
product: Connect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 12:57:17 +00:00
investigated: true
affected_versions: []
fixed_versions:
- '3.3'
- '3.4'
- '3.5'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-02-11 12:57:17 +00:00
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.adeptia.com/hc/en-us/articles/4412815509524-CVE-2021-44228-Log4j2-Vulnerability-Mitigation-
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adeptia
product: Suite
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- 6.9.9
- 6.9.10
- 6.9.11
2022-02-11 12:57:17 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 12:57:17 +00:00
- https://support.adeptia.com/hc/en-us/articles/4412815509524-CVE-2021-44228-Log4j2-Vulnerability-Mitigation-
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
2022-02-11 13:04:56 +00:00
- vendor: Adobe
product: Automated Forms Conversion Service
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 13:04:56 +00:00
investigated: true
affected_versions:
- ''
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe
product: ColdFusion
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe
product: Experience Manager 6.3 Forms on JEE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- All versions from 6.3 GA to 6.3.3
2022-02-11 13:04:56 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe
product: Experience Manager 6.4 Forms Designer
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- ''
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-02-11 13:04:56 +00:00
vendor_links:
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe
product: Experience Manager 6.4 Forms on JEE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- All versions from 6.4 GA to 6.4.8
2022-02-11 13:04:56 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 13:04:56 +00:00
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe
product: Experience Manager 6.5 Forms Designer
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe
product: Experience Manager 6.5 Forms on JEE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- All versions from 6.5 GA to 6.5.11
2022-02-11 13:04:56 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe
product: Experience Manager Forms on OSGi
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- All
2022-02-11 13:04:56 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe
product: Experience Manager Forms Workbench
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- All
2022-02-11 13:04:56 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ADP
2022-02-11 13:04:56 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.adp.com/about-adp/data-security/alerts/adp-vulnerability-statement-apache-log4j-vulnerability-cve-2021-44228.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
2022-02-02 17:56:53 +00:00
- vendor: Advanced Micro Devices (AMD)
product: All
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-02 18:00:37 +00:00
- All
2022-02-02 17:56:53 +00:00
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1034
notes: ''
references:
- ''
last_updated: '2022-02-02T00:00:00'
2022-01-24 22:27:28 +00:00
- vendor: Advanced Systems Concepts (formally Jscape)
product: Active MFT
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 13:12:33 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-02-11 13:12:33 +00:00
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://support.advsyscon.com/hc/en-us/articles/4413631831569
notes: This advisory is available to customers only and has not been reviewed
by CISA
references:
- ''
2022-01-24 22:27:28 +00:00
last_updated: '2021-12-14T00:00:00'
- vendor: Advanced Systems Concepts (formally Jscape)
product: MFT
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 13:12:33 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-02-11 13:12:33 +00:00
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://support.advsyscon.com/hc/en-us/articles/4413631831569
notes: This advisory is available to customers only and has not been reviewed
by CISA
references:
- ''
2022-01-24 22:27:28 +00:00
last_updated: '2021-12-14T00:00:00'
- vendor: Advanced Systems Concepts (formally Jscape)
product: MFT Gateway
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 13:12:33 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-02-11 13:12:33 +00:00
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://support.advsyscon.com/hc/en-us/articles/4413631831569
notes: This advisory is available to customers only and has not been reviewed
by CISA
references:
- ''
2022-01-24 22:27:28 +00:00
last_updated: '2021-12-14T00:00:00'
- vendor: Advanced Systems Concepts (formally Jscape)
product: MFT Server
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 13:12:33 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-02-11 13:12:33 +00:00
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://support.advsyscon.com/hc/en-us/articles/4413631831569
notes: This advisory is available to customers only and has not been reviewed
by CISA
references:
- ''
2022-01-24 22:27:28 +00:00
last_updated: '2021-12-14T00:00:00'
2022-02-11 13:12:33 +00:00
- vendor: AFHCAN Global LLC
product: AFHCANcart
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 13:12:33 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-02-11 13:12:33 +00:00
unaffected_versions:
2022-02-11 19:11:34 +00:00
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 13:12:33 +00:00
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AFHCAN Global LLC
2022-02-11 13:12:33 +00:00
product: AFHCANmobile
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AFHCAN Global LLC
2022-02-11 13:12:33 +00:00
product: AFHCANServer
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
2022-01-24 22:27:28 +00:00
- vendor: AFHCAN Global LLC
2022-02-11 13:12:33 +00:00
product: AFHCANsuite
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-01-24 22:27:28 +00:00
unaffected_versions:
2022-02-11 19:11:34 +00:00
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
2022-01-24 22:27:28 +00:00
- vendor: AFHCAN Global LLC
2022-02-11 13:12:33 +00:00
product: AFHCANupdate
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-01-24 22:27:28 +00:00
unaffected_versions:
2022-02-11 19:11:34 +00:00
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
2022-01-24 22:27:28 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AFHCAN Global LLC
2022-02-11 13:12:33 +00:00
product: AFHCANweb
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-01-24 22:27:28 +00:00
unaffected_versions:
2022-02-11 19:11:34 +00:00
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
2022-01-24 22:27:28 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
2022-02-11 13:12:33 +00:00
- vendor: Agilysys
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://info.agilysys.com/webmail/76642/2001127877/c3fda575e2313fac1f6a203dc6fc1db2439c3db0da22bde1b6c1b6747d7f0e2f
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ahsay
product: Mobile
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-01-24 22:27:28 +00:00
unaffected_versions:
2022-02-11 19:11:34 +00:00
- 1.6+
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 13:12:33 +00:00
- https://wiki.ahsay.com/doku.php?id=public:announcement:cve-2021-44228_log4j
2022-01-24 22:27:28 +00:00
notes: ''
references:
- ''
2022-01-24 22:27:28 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
2022-02-11 13:12:33 +00:00
- vendor: Ahsay
product: Other products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- version 8.5.4.86 (and above)
2022-02-11 13:12:33 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://wiki.ahsay.com/doku.php?id=public:announcement:cve-2021-44228_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ahsay
product: PRD
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 13:12:33 +00:00
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- '2.0'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-02-11 13:12:33 +00:00
vendor_links:
- https://wiki.ahsay.com/doku.php?id=public:announcement:cve-2021-44228_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AIL
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 13:12:33 +00:00
- https://twitter.com/ail_project/status/1470373644279119875
2022-01-24 22:27:28 +00:00
notes: ''
references:
- ''
2022-01-24 22:27:28 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Akamai
2022-02-11 13:34:52 +00:00
product: Enterprise Application Access (EAA) Connector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-02-11 13:34:52 +00:00
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://developer.akamai.com/tools/integrations/siem/siem-cef-connector#release-notes
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Akamai
product: SIEM Integration Connector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- <1.7.4
2022-02-11 13:34:52 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://developer.akamai.com/tools/integrations/siem/siem-cef-connector#release-notes
2022-02-11 19:11:34 +00:00
notes: Akamai SIEM Integration Connector is vulnerable to CVE-2021-44228, CVE-2021-45046
and CVE-2021-45105.
2022-02-11 13:34:52 +00:00
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Akamai
product: SIEM Splunk Connector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-02-11 13:34:52 +00:00
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- < 1.4.10
2022-02-11 13:34:52 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 13:34:52 +00:00
- https://developer.akamai.com/tools/integrations/siem/siem-cef-connector#release-notes
notes: Akamai SIEM Integration Connector for Splunk is not vulnerable to CVE-2021-44228.
Although it includes the vulnerable Log4J component, it is not used by the connector.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Alcatel
2022-02-11 13:34:52 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://dokuwiki.alu4u.com/doku.php?id=log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alertus
2022-02-11 13:34:52 +00:00
product: Console
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 13:34:52 +00:00
investigated: true
affected_versions: []
2022-02-11 13:34:52 +00:00
fixed_versions:
2022-02-11 19:11:34 +00:00
- 5.15.0
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.alertus.com/s/article/Security-Advisory-Log4Shell-Vulnerability?language=en_US
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alexion
2022-02-11 13:34:52 +00:00
product: Alexion CRM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 13:34:52 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-02-11 13:34:52 +00:00
unaffected_versions:
2022-02-11 19:11:34 +00:00
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://alexion.nl/blog/alexion-crm-niet-vatbaar-voor-log4shell
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alfresco
2022-02-11 13:34:52 +00:00
product: Alfresco
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 13:34:52 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-02-11 13:34:52 +00:00
unaffected_versions:
2022-02-11 19:11:34 +00:00
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://hub.alfresco.com/t5/alfresco-content-services-blog/cve-2021-44228-related-to-apache-log4j-security-advisory/ba-p/310717
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AlienVault
2022-02-11 13:34:52 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://success.alienvault.com/s/article/are-USM-Anywhere-or-USM-Central-vulnerable-to-CVE-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alphatron Medical
2022-02-11 13:38:44 +00:00
product: AmiSconnect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 13:38:44 +00:00
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.alphatronmedical.com/product-news/vulnerability-apache-log4j.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alphatron Medical
product: Custo Diagnostics
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '5.4'
- '5.6'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.alphatronmedical.com/product-news/vulnerability-apache-log4j.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alphatron Medical
product: JiveX
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-02-11 13:38:44 +00:00
vendor_links:
- https://www.alphatronmedical.com/product-news/vulnerability-apache-log4j.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alphatron Medical
product: Zorgbericht
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 13:34:52 +00:00
- https://www.alphatronmedical.com/product-news/vulnerability-apache-log4j.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
2022-02-11 15:22:54 +00:00
- vendor: Amazon
product: AMS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: Work in progress, portion of customers may still be vulnerable. Actively
monitoring this issue, and are working on addressing it for any AMS services
which use Log4j2.
2022-02-11 15:22:54 +00:00
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: API Gateway
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Amazon
product: Athena
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 15:22:54 +00:00
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Amazon
product: Athena JDBC Driver
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: All versions vended to customers were not affected.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Amazon
product: AWS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- Linux 1
- '2'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-02-16 19:27:07 +00:00
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: Amazon Linux 1 had aws apitools which were Java based but these were deprecated
in 2015 [AWS Forum](https://forums.aws.amazon.com/thread.jspa?threadID=323611).
2022-02-11 15:22:54 +00:00
AMIs used to inspect and verify (base spin ups) - amzn-ami-hvm-2018.03.0.20200318.1-x86_64-gp2
and amzn2-ami-kernel-5.10-hvm-2.0.20211201.0-x86_64-gp2.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: AWS AppFlow
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Amazon
product: AWS AppSync
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Amazon
product: AWS Certificate Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Amazon
product: AWS Certificate Manager Private CA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Amazon
product: AWS CloudHSM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- < 3.4.1
2022-02-11 15:22:54 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: CloudHSM JCE SDK 3.4.1 or higher is not vulnerable.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS CodeBuild
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: Updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS CodePipeline
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: Updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS Connect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Vendors recommend evaluating components of the environment outside of the
Amazon Connect service boundary, which may require separate/additional customer
mitigation.
references:
- ''
last_updated: '2021-12-23T00:00:00'
- vendor: Amazon
product: AWS Directory Service
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-23T00:00:00'
- vendor: Amazon
product: AWS DynamoDB
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Amazon
product: AWS ECS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: To help mitigate the impact of the open-source Apache Log4j2 utility (CVE-2021-44228
and CVE-2021-45046) security issues on customers containers, Amazon EKS, Amazon
ECS, and AWS Fargate are deploying a Linux-based update (hot-patch). This hot-patch
will require customer opt-in to use, and disables JNDI lookups from the Log4J2
library in customers containers. These updates are available as an Amazon Linux
package for Amazon ECS customers, as a DaemonSet for Kubernetes users on AWS,
and will be in supported AWS Fargate platform versions.
2022-02-11 15:22:54 +00:00
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Amazon
product: AWS EKS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: To help mitigate the impact of the open-source Apache Log4j2 utility (CVE-2021-44228
and CVE-2021-45046) security issues on customers containers, Amazon EKS, Amazon
ECS, and AWS Fargate are deploying a Linux-based update (hot-patch). This hot-patch
will require customer opt-in to use, and disables JNDI lookups from the Log4J2
library in customers containers. These updates are available as an Amazon Linux
package for Amazon ECS customers, as a DaemonSet for Kubernetes users on AWS,
and will be in supported AWS Fargate platform versions.
2022-02-11 15:22:54 +00:00
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Amazon
product: AWS Elastic Beanstalk
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Default configuration of applications usage of Log4j versions is not vulnerable.
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Amazon
product: AWS ElastiCache
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Amazon
product: AWS ELB
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Amazon
product: AWS Fargate
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: Opt-in hot-patch to mitigate the Log4j issue in JVM layer will be available
as platform versions.
2022-02-11 15:22:54 +00:00
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Amazon
product: AWS Glue
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: Has been updated. Vulnerable only if ETL jobs load affected versions of
Apache Log4j.
2022-02-11 15:22:54 +00:00
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Amazon
product: AWS Greengrass
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: Updates for all Greengrass V2 components Stream Manager (2.0.14) and Secure
Tunneling (1.0.6) are available. For Greengrass versions 1.10.x and 1.11.x,
an update for the Stream Manager feature is included in Greengrass patch versions
1.10.5 and 1.11.5.
2022-02-11 15:22:54 +00:00
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Amazon
product: AWS Inspector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Amazon
product: AWS IoT SiteWise Edge
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: Updates for all AWS IoT SiteWise Edge components that use Log4j were made
available; OPC-UA collector (v2.0.3), Data processing pack (v2.0.14), and Publisher
(v2.0.2).
2022-02-11 15:22:54 +00:00
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Amazon
product: AWS Kinesis Data Streams
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: We are actively patching all sub-systems that use Log4j2 by applying updates.
The Kinesis Client Library (KCL) version 2.X and the Kinesis Producer Library
(KPL) are not impacted. For customers using KCL 1.x, we have released an updated
version and we strongly recommend that all KCL version 1.x customers upgrade
2022-02-11 19:11:34 +00:00
to KCL version 1.14.5 (or higher). KCL 2.x, KCL 1.14.5 or higher, and KPL are
not vulnerable.
2022-02-11 15:22:54 +00:00
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Amazon
product: AWS KMS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS Lambda
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: Vulnerable when using aws-lambda-java-log4j2.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS Polly
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS QuickSight
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS RDS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Amazon RDS and Amazon Aurora have been updated to mitigate the issues identified
in CVE-2021-44228.
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Amazon
product: AWS S3
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Amazon
product: AWS SDK
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Amazon
product: AWS Secrets Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Amazon
product: AWS Service Catalog
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Amazon
product: AWS SNS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Amazon SNS systems that serve customer traffic are patched against the
Log4j2 issue. We are working to apply the Log4j2 patch to sub-systems that operate
separately from SNSs systems that serve customer traffic.
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Amazon
product: AWS SQS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: AWS Systems Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: AWS Systems Manager Agent
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: AWS Textract
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: Chime
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: Amazon Chime and Chime SDK services have been updated to mitigate the issues
identified in CVE-2021-44228 and CVE-2021-45046.
2022-02-11 15:22:54 +00:00
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Cloud Directory
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: CloudFront
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: CloudWatch
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Cognito
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Corretto
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: 10/19 release distribution does not include Log4j. Vulnerable only if customers
applications use affected versions of Apache Log4j.
2022-02-11 15:22:54 +00:00
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: DocumentDB
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: EC2
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: Packages for Amazon Linux 1 and 2 not affected, package for Amazon Linux
2022 is affected.
2022-02-11 15:22:54 +00:00
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: ECR Public
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: Amazon-owned images published under a Verified Account on Amazon ECR Public
are not affected by the Log4j issue.
2022-02-11 15:22:54 +00:00
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: Elastic Load Balancing
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Services have been updated. All Elastic Load Balancers, as well as Classic,
Application, Network and Gateway, are not affected by this Log4j issue.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: EMR
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: Many customers are estimated to be vulnerable. Vulnerable only if affected
EMR releases are used and untrusted sources are configured to be processed.
2022-02-11 15:22:54 +00:00
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: EventBridge
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Fraud Detector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Inspector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Inspector Classic
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Kafka (MSK)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Applying updates as required, portion of customers may still be vulnerable.
2022-02-11 19:11:34 +00:00
Some MSK-specific service components use Log4j > 2.0.0 library and are being
patched where needed.
2022-02-11 15:22:54 +00:00
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Kendra
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Keyspaces (for Apache Cassandra)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Kinesis
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Kinesis Data Analytics
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Lake Formation
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: Update in progress, portion of customers may still be vulnerable. AWS Lake
Formation service hosts are being updated to the latest version of Log4j.
2022-02-11 15:22:54 +00:00
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Lex
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-02-11 15:22:54 +00:00
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Linux (AL1)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 15:22:54 +00:00
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-02-11 15:22:54 +00:00
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: By default not vulnerable. Opt-in hot-patch to mitigate the Log4j in JVM
layer issue is available.
references:
- ''
2022-02-11 15:22:54 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Linux (AL2)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 15:22:54 +00:00
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: By default not vulnerable, and a new version of Amazon Kinesis Agent which
is part of AL2 addresses the Log4j issue. Opt-in hot-patch to mitigate the Log4j
issue in JVM layer is available.
references:
- ''
2022-02-11 15:22:54 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Lookout for Equipment
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-02-11 15:22:54 +00:00
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 15:22:54 +00:00
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Macie
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 15:22:54 +00:00
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 15:22:54 +00:00
notes: ''
references:
- ''
2022-02-11 15:22:54 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Macie Classic
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-01-24 22:27:28 +00:00
affected_versions: []
fixed_versions:
2022-02-11 15:22:54 +00:00
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
2022-02-11 15:22:54 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Managed Workflows for Apache Airflow (MWAA)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-02-11 15:22:54 +00:00
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 15:22:54 +00:00
notes: ''
references:
- ''
2022-02-11 15:22:54 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: MemoryDB for Redis
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 15:22:54 +00:00
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
2022-02-11 15:22:54 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Monitron
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 15:22:54 +00:00
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
2022-02-11 15:22:54 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: MQ
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 15:22:54 +00:00
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-01-24 22:27:28 +00:00
notes: ''
references:
- ''
2022-02-11 15:22:54 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Neptune
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-02-11 15:22:54 +00:00
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 15:22:54 +00:00
notes: ''
references:
- ''
2022-02-11 15:22:54 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: NICE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-02-11 15:22:54 +00:00
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 15:22:54 +00:00
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Recommended to update EnginFrame or Log4j library.
references:
- ''
2022-01-24 22:27:28 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: OpenSearch
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-02-11 15:22:54 +00:00
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- R20211203-P2
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
2022-02-11 15:22:54 +00:00
notes: Update released, customers need to update their clusters to the fixed release.
references:
- ''
2022-01-24 22:27:28 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Pinpoint
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-01-24 22:27:28 +00:00
affected_versions: []
fixed_versions:
2022-02-11 15:22:54 +00:00
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 15:22:54 +00:00
notes: ''
references:
- ''
2022-02-11 15:22:54 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: RDS Aurora
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 15:22:54 +00:00
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
2022-02-11 15:22:54 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: RDS for Oracle
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-01-24 22:27:28 +00:00
affected_versions: []
fixed_versions:
2022-02-11 15:22:54 +00:00
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 15:22:54 +00:00
notes: ''
references:
- ''
2022-02-11 15:22:54 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Redshift
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-01-24 22:27:28 +00:00
affected_versions: []
fixed_versions:
2022-02-11 15:22:54 +00:00
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
2022-02-11 15:22:54 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Rekognition
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 15:22:54 +00:00
investigated: true
affected_versions: []
2022-02-11 15:22:54 +00:00
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Route 53
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 15:22:54 +00:00
investigated: true
affected_versions: []
2022-02-11 15:22:54 +00:00
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: SageMaker
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
2022-02-11 15:22:54 +00:00
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: Completed patching for the Apache Log4j2 issue (CVE-2021-44228). Vulnerable
only if customers applications use affected versions of Apache Log4j.
references:
- ''
2022-02-11 15:22:54 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Simple Notification Service (SNS)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 15:22:54 +00:00
investigated: true
affected_versions: []
2022-02-11 15:22:54 +00:00
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 15:22:54 +00:00
notes: Systems that serve customer traffic are patched against the Log4j2 issue.
Working to apply the patch to sub-systems that operate separately from SNSs
systems that serve customer traffic.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Simple Queue Service (SQS)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 15:22:54 +00:00
investigated: true
affected_versions: []
2022-02-11 15:22:54 +00:00
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Simple Workflow Service (SWF)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-02-11 15:22:54 +00:00
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 15:22:54 +00:00
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Single Sign-On
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 15:22:54 +00:00
investigated: true
affected_versions: []
2022-02-11 15:22:54 +00:00
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Step Functions
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 15:22:54 +00:00
investigated: true
affected_versions: []
2022-02-11 15:22:54 +00:00
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
2022-02-11 15:22:54 +00:00
product: Timestream
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 15:22:54 +00:00
investigated: true
affected_versions: []
2022-02-11 15:22:54 +00:00
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Translate
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 15:22:54 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-02-11 15:22:54 +00:00
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/translate/
notes: Service not identified on [AWS Log4j Security Bulletin](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/)
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: VPC
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 15:22:54 +00:00
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: WorkSpaces/AppStream 2.0
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-02-11 15:22:54 +00:00
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
2022-02-11 19:11:34 +00:00
notes: Not affected with default configurations. WorkDocs Sync client versions
1.2.895.1 and older within Windows WorkSpaces, which contain the Log4j component,
are vulnerable; For update instruction, see source for more info.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AMD
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 15:22:54 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-02-11 15:22:54 +00:00
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1034
2022-02-11 15:37:10 +00:00
notes: Currently, no AMD products have been identified as affected. AMD is continuing
its analysis.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Anaconda
2022-02-11 15:22:54 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- 4.10.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://docs.conda.io/projects/conda/en/latest/index.html
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
2022-02-11 16:27:10 +00:00
- vendor: AOMEI
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.aomeitech.com/forum/index.php?p=/discussion/7651/aomei-and-log4j
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Apache
product: ActiveMQ Artemis
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://activemq.apache.org/news/cve-2021-44228
notes: ActiveMQ Artemis does not use Log4j for logging. However, Log4j 1.2.17
is included in the Hawtio-based web console application archive (i.e. [web/console.war/WEB-INF/lib](web/console.war/WEB-INF/lib)).
Although this version of Log4j is not impacted by CVE-2021-44228 future versions
of Artemis will be updated so that the Log4j jar is no longer included in the
web console application archive. See [ARTEMIS-3612](https://issues.apache.org/jira/browse/ARTEMIS-3612)
for more information on that task.
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Apache
product: Airflow
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 16:27:10 +00:00
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: Airflow is written in Python
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Archiva
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-02-11 16:27:10 +00:00
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- 2.2.6
2022-02-11 16:27:10 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 16:27:10 +00:00
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: Fixed in 2.2.6.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Camel
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-02-11 16:27:10 +00:00
affected_versions: []
fixed_versions: []
2022-02-11 16:27:10 +00:00
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: Apache Camel does not directly depend on Log4j 2, so we are not affected
by CVE-2021-44228.If you explicitly added the Log4j 2 dependency to your own
applications, make sure to upgrade.Apache Camel does use log4j during testing
itself, and therefore you can find that we have been using log4j v2.13.3 release
in our latest LTS releases Camel 3.7.6, 3.11.4.
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
2022-01-24 22:27:28 +00:00
product: Camel 2
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 16:27:10 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-02-11 16:27:10 +00:00
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: ''
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
2022-01-24 22:27:28 +00:00
product: Camel JBang
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: true
affected_versions:
- <=3.1.4
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: ''
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
2022-01-24 22:27:28 +00:00
product: Camel K
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 16:27:10 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-02-11 16:27:10 +00:00
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: ''
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
2022-02-11 19:11:34 +00:00
product: Camel Kafka Connector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 16:27:10 +00:00
investigated: true
2022-02-11 19:11:34 +00:00
affected_versions: []
fixed_versions: []
2022-02-11 19:11:34 +00:00
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
2022-02-11 19:11:34 +00:00
notes: ''
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
2022-02-11 19:11:34 +00:00
product: Camel Karaf
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 16:27:10 +00:00
investigated: true
2022-02-11 19:11:34 +00:00
affected_versions:
2022-02-11 16:27:10 +00:00
- ''
2022-02-11 19:11:34 +00:00
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
2022-02-11 19:11:34 +00:00
notes: The Karaf team is aware of this and are working on a new Karaf 4.3.4 release
with updated log4j.
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
2022-02-11 19:11:34 +00:00
product: Camel Quarkus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 16:27:10 +00:00
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: ''
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
product: Cassandra
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-02-11 16:27:10 +00:00
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 16:27:10 +00:00
- https://lists.apache.org/thread/2rngylxw8bjos6xbo1krp29m9wn2hhdr
notes: ''
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
product: Druid
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-02-11 16:27:10 +00:00
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- 0.22.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://github.com/apache/druid/releases/tag/druid-0.22.1
notes: ''
references:
- ''
last_updated: '2021-12-12T00:00:00'
2022-02-11 16:27:10 +00:00
- vendor: Apache
product: Dubbo
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- All
2022-02-11 16:27:10 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://github.com/apache/dubbo/issues/9380
notes: ''
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Apache
product: Flink
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 16:27:10 +00:00
- 1.15.0
- 1.14.2
- 1.13.5
- 1.12.7
- 1.11.6
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://flink.apache.org/2021/12/10/log4j-cve.html
2022-02-11 19:11:34 +00:00
notes: To clarify and avoid confusion, the 1.14.1 / 1.13.4 / 1.12.6 / 1.11.5 releases,
which were supposed to only contain a Log4j upgrade to 2.15.0, were skipped
because CVE-2021-45046 was discovered during the release publication. The new
1.14.2 / 1.13.5 / 1.12.7 / 1.11.6 releases include a version upgrade for Log4j
to version 2.16.0 to address CVE-2021-44228 and CVE-2021-45046.
references:
- '[https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html](https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html)'
last_updated: '2021-12-12T00:00:00'
- vendor: Apache
2022-02-11 16:27:10 +00:00
product: Fortress
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
2022-02-11 16:27:10 +00:00
fixed_versions:
2022-02-11 19:11:34 +00:00
- < 2.0.7
2022-02-11 16:27:10 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
2022-02-11 16:27:10 +00:00
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: Fixed in 2.0.7.
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: Geode
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- 1.14.0
2022-02-11 16:27:10 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 16:27:10 +00:00
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: Fixed in 1.12.6, 1.13.5, 1.14.1.
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
2022-02-11 16:27:10 +00:00
product: Guacamole
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-02-11 16:27:10 +00:00
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- All
2022-02-11 16:27:10 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: Hadoop
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-02-11 16:27:10 +00:00
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 16:27:10 +00:00
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
2022-02-11 16:27:10 +00:00
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
2022-02-11 16:27:10 +00:00
product: HBase
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 16:27:10 +00:00
- ''
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 16:27:10 +00:00
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
2022-02-11 16:27:10 +00:00
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
2022-02-11 16:27:10 +00:00
product: Hive
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- 4.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 16:27:10 +00:00
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
2022-02-11 16:27:10 +00:00
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
2022-02-11 16:27:10 +00:00
product: James
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 16:27:10 +00:00
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 3.6.0
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 16:27:10 +00:00
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
2022-02-11 16:27:10 +00:00
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
2022-02-11 16:27:10 +00:00
product: Jena
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 16:27:10 +00:00
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- < 4.3.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 16:27:10 +00:00
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
2022-02-11 16:27:10 +00:00
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: JMeter
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- All
2022-02-11 16:27:10 +00:00
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: JSPWiki
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- 2.11.1
2022-02-11 16:27:10 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: Kafka
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://kafka.apache.org/cve-list
notes: Uses Log4j 1.2.17.
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: Log4j 1.x
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- All
2022-02-11 16:27:10 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://logging.apache.org/log4j/2.x/security.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Log4j 2.x
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 2.17.1
2022-02-11 16:27:10 +00:00
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://logging.apache.org/log4j/2.x/security.html
notes: Fixed in Log4j 2.17.1 (Java 8), 2.12.4 (Java 7) and 2.3.2 (Java 6).
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Maven
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- All
2022-02-11 16:27:10 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: NiFi
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- All
2022-02-11 16:27:10 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: Fixed in 1.15.1, 1.16.0.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: OFBiz
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- < 18.12.03
2022-02-11 16:27:10 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Ozone
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- < 1.2.1
2022-02-11 16:27:10 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: Fixed in 1.15.1, 1.16.0.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: SkyWalking
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- < 8.9.1
2022-02-11 16:27:10 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: SOLR
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- 7.4.0 to 7.7.3
- 8.0.0 to 8.11.0
2022-02-11 16:27:10 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228
2022-02-11 19:11:34 +00:00
notes: Fixed in 8.11.1, Versions before 7.4 also vulnerable when using several
configurations.
2022-02-11 16:27:10 +00:00
references:
- '[Apache Solr 8.11.1 downloads](https://solr.apache.org/downloads.html)'
last_updated: '2021-12-16T00:00:00'
- vendor: Apache
product: Spark
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 19:11:34 +00:00
- All
2022-02-11 16:27:10 +00:00
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: Uses log4j 1.x
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Struts
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 2.5.28
2022-02-11 16:27:10 +00:00
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Struts 2
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- Versions before 2.5.28.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://struts.apache.org/announce-2021
notes: The Apache Struts group is pleased to announce that Struts 2.5.28.1 is
available as a General Availability release. The GA designation is our highest
quality grade. This release addresses Log4j vulnerability CVE-2021-45046 by
using the latest Log4j 2.12.2 version (Java 1.7 compatible).
references:
- '[Apache Struts Release Downloads](https://struts.apache.org/download.cgi#struts-ga)'
last_updated: '2021-12-21T00:00:00'
- vendor: Apache
product: Tapestry
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 5.7.3
2022-02-11 16:27:10 +00:00
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Tika
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 2.0.0 and up
2022-02-11 16:27:10 +00:00
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Tomcat
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://tomcat.apache.org/security-9.html
notes: Apache Tomcat 9.0.x has no dependency on any version of log4j. Web applications
deployed on Apache Tomcat may have a dependency on log4j. You should seek support
from the application vendor in this instance. It is possible to configure Apache
Tomcat 9.0.x to use log4j 2.x for Tomcats internal logging. This requires explicit
configuration and the addition of the log4j 2.x library. Anyone who has switched
Tomcats internal logging to log4j 2.x is likely to need to address this vulnerability.
In most cases, disabling the problematic feature will be the simplest solution.
Exactly how to do that depends on the exact version of log4j 2.x being used.
Details are provided on the [log4j 2.x security page](https://logging.apache.org/log4j/2.x/security.html)
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Apache
product: TrafficControl
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- ''
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: ZooKeeper
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
2022-01-24 22:27:28 +00:00
- vendor: APC by Schneider Electric
product: Powerchute Business Edition
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-01-24 22:27:28 +00:00
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- v9.5
- v10.0.1
- v10.0.2
- v10.0.3
- v10.0.4
2022-01-24 22:27:28 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-01-24 22:27:28 +00:00
vendor_links:
- https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345
notes: Mitigation instructions to remove the affected class.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: APC by Schneider Electric
product: Powerchute Network Shutdown
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '4.2'
- '4.3'
- '4.4'
2022-02-11 19:11:34 +00:00
- 4.4.1
2022-01-24 22:27:28 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345
notes: Mitigation instructions to remove the affected class.
references:
- ''
2022-01-24 22:27:28 +00:00
last_updated: '2021-12-15T00:00:00'
- vendor: Apereo
2022-01-24 22:27:28 +00:00
product: CAS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-02-11 16:46:40 +00:00
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- 6.3.x
- 6.4.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://apereo.github.io/2021/12/11/log4j-vuln/
2022-02-11 16:46:40 +00:00
notes: Other versions still in active maintainance might need manual inspection.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
2022-01-24 22:27:28 +00:00
- vendor: Apereo
product: Opencast
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: true
2022-02-11 16:46:40 +00:00
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- < 9.10
- < 10.6
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-01-24 22:27:28 +00:00
vendor_links:
- https://github.com/opencast/opencast/security/advisories/GHSA-mf4f-j588-5xm8
notes: ''
references:
- ''
2022-01-24 22:27:28 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apigee
2022-02-11 16:46:40 +00:00
product: Edge and OPDK products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 16:46:40 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-02-11 16:46:40 +00:00
unaffected_versions:
2022-02-11 19:11:34 +00:00
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://status.apigee.com/incidents/3cgzb0q2r10p
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apollo
2022-02-11 16:46:40 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.apollographql.com/t/log4j-vulnerability/2214
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Appdynamics
2022-02-11 16:46:40 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Appeon
product: PowerBuilder
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Appeon PowerBuilder 2017-2021 regardless of product edition
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-02-11 16:46:40 +00:00
vendor_links:
- https://community.appeon.com/index.php/qna/q-a/apache-log4j-security-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: AppGate
2022-02-11 16:46:40 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.appgate.com/blog/appgate-sdp-unaffected-by-log4j-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Appian
product: Appian Platform
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- All
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.appian.com/support/w/kb/2511/kb-2204-information-about-the-log4j2-security-vulnerabilities-cve-2021-44228-cve-2021-45046
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Application Performance Ltd
product: DBMarlin
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
2022-02-11 17:44:09 +00:00
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://docs.dbmarlin.com/docs/faqs/frequently-asked-questions/?_ga=2.72968147.1563671049.1639624574-1296952804.1639624574#apache-log4j-vulnerability-cve-2021-4428
notes: ''
references:
- ''
2022-01-24 22:27:28 +00:00
last_updated: '2021-12-15T00:00:00'
- vendor: APPSHEET
2022-02-11 17:44:09 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-01-24 22:27:28 +00:00
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://community.appsheet.com/t/appsheet-statement-on-log4j-vulnerability-cve-2021-44228/59976
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
2022-01-24 22:27:28 +00:00
- vendor: Aptible
2022-02-11 17:44:09 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-02-11 17:44:09 +00:00
affected_versions: []
fixed_versions:
- Search 5.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-01-24 22:27:28 +00:00
- https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4
notes: ''
references:
- ''
2022-01-24 22:27:28 +00:00
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aqua Security
2022-02-11 17:44:09 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://docs.google.com/document/d/e/2PACX-1vSmFR3oHPXOih1wENKd7RXn0dsHzgPUe91jJwDTsaVxJtcJEroktWNLq7BMUx9v7oDZRHqLVgkJnqCm/pub
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arbiter Systems
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 17:44:09 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-02-11 17:44:09 +00:00
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arbiter.com/news/index.php?id=4403
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: ARC Informatique
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1141-security-bulletin-2021-1
notes: ''
references:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Arca Noae
2022-02-11 17:44:09 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arcanoae.com/apache-log4j-vulnerability-cve-2021-44228/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arcserve
product: Arcserve Backup
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: Arcserve Continuous Availability
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: Arcserve Email Archiving
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: Arcserve UDP
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 6.5-8.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: ShadowProtect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: ShadowXafe
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: Solo
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: StorageCraft OneXafe
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: ArcticWolf
2022-02-11 17:44:09 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://arcticwolf.com/resources/blog/log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arduino
2022-02-11 17:44:09 +00:00
product: IDE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 17:44:09 +00:00
investigated: true
affected_versions: []
2022-02-11 17:44:09 +00:00
fixed_versions:
2022-02-11 19:11:34 +00:00
- 1.8.17
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.arduino.cc/hc/en-us/articles/4412377144338-Arduino-s-response-to-Log4j2-vulnerability-CVE-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ariba
2022-02-11 17:44:09 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://connectsupport.ariba.com/sites#announcements-display&/Event/908469
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arista
2022-02-11 17:44:09 +00:00
product: Analytics Node for Converged Cloud Fabric
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '>7.0.0'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070
notes: Formerly Big Cloud Fabric
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arista
product: Analytics Node for DANZ Monitoring Fabric
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 17:44:09 +00:00
investigated: true
affected_versions:
- '>7.0.0'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070
notes: Formerly Big Monitoring Fabric
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arista
product: CloudVision Portal
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-02-11 17:44:09 +00:00
cve-2021-44228:
investigated: true
affected_versions:
- '>2019.1.0'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
2022-02-11 17:44:09 +00:00
- vendor: Arista
product: CloudVision Wi-Fi, virtual or physical appliance
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '>8.8'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arista
product: Embedded Analytics for Converged Cloud Fabric
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '>5.3.0'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070
notes: Formerly Big Cloud Fabric
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
2022-02-11 17:58:04 +00:00
product: AirWave Management Platform
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 17:58:04 +00:00
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Analytics and Location Engine
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
2022-02-11 19:11:34 +00:00
product: ArubaOS SD-WAN Gateways
2022-02-11 17:58:04 +00:00
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
2022-02-11 19:11:34 +00:00
product: ArubaOS Wi-Fi Controllers and Gateways
2022-02-11 17:58:04 +00:00
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: ArubaOS-CX Switches
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: ArubaOS-S Switches
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Central
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Central On-Prem
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: ClearPass Policy Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: EdgeConnect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Fabric Composer (AFC)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: HP ProCurve Switches
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Instant
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Instant Access Points
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Instant On
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: IntroSpect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- Versions 2.5.0.0 to 2.5.0.6
2022-02-11 17:58:04 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Legacy GMS Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Legacy NX
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
2022-02-11 19:11:34 +00:00
product: Legacy VRX
2022-02-11 17:58:04 +00:00
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
2022-02-11 19:11:34 +00:00
product: Legacy VX
2022-02-11 17:58:04 +00:00
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: NetEdit
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Plexxi Composable Fabric Manager (CFM)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Silver Peak Orchestrator
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
2022-02-11 17:58:04 +00:00
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: User Experience Insight (UXI)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: VIA Clients
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 17:58:04 +00:00
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ataccama
2022-02-11 17:58:04 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.ataccama.com/files/log4j2-vulnerability-cve-2021-44228-fix.pdf
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atera
2022-02-11 17:58:04 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.reddit.com/r/atera/comments/rh7xb1/apache_log4j_2_security_advisory_update/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Bamboo Server & Data Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-02-11 18:27:35 +00:00
affected_versions:
2022-02-11 19:11:34 +00:00
- On Prem
fixed_versions: []
2022-02-11 18:27:35 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
2022-02-11 18:27:35 +00:00
notes: Only vulnerable when using non-default config, cloud version fixed.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Bitbucket Server & Data Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-02-11 18:27:35 +00:00
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- On prem
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: This product is not vulnerable to remote code execution but may leak information
due to the bundled Elasticsearch component being vulnerable.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence Server & Data Center
2022-02-11 18:27:35 +00:00
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- On prem
2022-02-11 18:27:35 +00:00
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: Only vulnerable when using non-default config, cloud version fixed.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence-CIS CSAT Pro
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- v1.7.1
2022-02-11 18:27:35 +00:00
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence-CIS WorkBench
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 18:27:35 +00:00
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
2022-02-11 18:27:35 +00:00
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
2022-02-11 18:27:35 +00:00
product: Confluence-CIS-CAT Lite
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- v4.13.0
2022-02-11 18:27:35 +00:00
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence-CIS-CAT Pro Assessor v3 Full and Dissolvable
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- v3.0.77
2022-02-11 18:27:35 +00:00
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence-CIS-CAT Pro Assessor v4
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- v4.13.0
2022-02-11 18:27:35 +00:00
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence-CIS-CAT Pro Assessor v4 Service
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- v1.13.0
2022-02-11 18:27:35 +00:00
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence-CIS-CAT Pro Dashboard
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-02-11 18:27:35 +00:00
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence-CIS-Hosted CSAT
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Crowd Server & Data Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- On prem
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: This product may be affected by a related but lower severity vulnerability
if running in a specific non-default configuration.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Crucible
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-02-11 18:27:35 +00:00
affected_versions:
2022-02-11 19:11:34 +00:00
- On prem
fixed_versions: []
2022-02-11 18:27:35 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: This product may be affected by a related but lower severity vulnerability
if running in a specific non-default configuration.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Fisheye
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-02-11 18:27:35 +00:00
affected_versions:
2022-02-11 19:11:34 +00:00
- On prem
fixed_versions: []
2022-02-11 18:27:35 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: This product may be affected by a related but lower severity vulnerability
if running in a specific non-default configuration.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Jira Server & Data Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
2022-02-11 18:27:35 +00:00
affected_versions:
- On prem
fixed_versions: []
2022-02-11 18:27:35 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: This product may be affected by a related but lower severity vulnerability
if running in a specific non-default configuration.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
2022-02-11 18:27:35 +00:00
- vendor: Attivo Networks
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.attivonetworks.com/wp-content/uploads/2021/12/Log4j_Vulnerability-Advisory-211213-4.pdf
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atvise
product: All
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
2022-01-24 22:27:28 +00:00
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.atvise.com/en/articles/at-log4j-sicherheitsluecke-atvise-produkte-und-terminals-nicht-betroffen
2022-01-24 22:27:28 +00:00
notes: The security vulnerability does NOT affect our applications and products
or pose any threat. This applies to all Bachmann applications and products,
including atvise solutions.
references:
- ''
last_updated: '2022-01-17T00:00:00'
- vendor: AudioCodes
2022-02-11 18:27:35 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://services.audiocodes.com/app/answers/kbdetail/a_id/2225
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Autodesk
2022-02-11 18:27:35 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.autodesk.com/support/autocad/troubleshooting/caas/sfdcarticles/sfdcarticles/CVE-2021-44228.html
notes: Autodesk is continuing to perform a thorough investigation in relation
to the recently discovered Apache Log4j security vulnerabilities. We continue
to implement several mitigating factors for our products including patching,
network firewall blocks, and updated detection signatures to reduce the threat
of this vulnerability and enhance our ability to quickly respond to potential
malicious activity. We have not identified any compromised systems in the Autodesk
environment due to this vulnerability, at this time. This is an ongoing investigation
and we will provide updates on the [Autodesk Trust Center as we learn more](https://www.autodesk.com/trust/overview).
references:
- ''
last_updated: '2021-12-21T00:00:00'
2022-02-11 18:40:35 +00:00
- vendor: Automation Anywhere
product: Automation 360 Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://apeople.automationanywhere.com/s/login/?language=en_US&startURL=%2Fs%2Farticle%2FA360-Cloud-Zero-day-in-the-Log4j-Java-library&ec=302
2022-02-11 19:11:34 +00:00
notes: This advisory is available to customer only and has not been reviewed by
CISA.
2022-02-11 18:40:35 +00:00
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Automation Anywhere
product: Automation 360 On Premise
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://apeople.automationanywhere.com/s/login/?language=en_US&startURL=%2Fs%2Farticle%2FA360-Cloud-Zero-day-in-the-Log4j-Java-library&ec=302
2022-02-11 19:11:34 +00:00
notes: This advisory is available to customer only and has not been reviewed by
CISA.
2022-02-11 18:40:35 +00:00
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Automation Anywhere
product: Automation Anywhere
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
2022-02-11 19:11:34 +00:00
- 11.x
- <11.3x
2022-02-11 18:40:35 +00:00
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://apeople.automationanywhere.com/s/login/?language=en_US&startURL=%2Fs%2Farticle%2FA360-Cloud-Zero-day-in-the-Log4j-Java-library&ec=302
2022-02-11 19:11:34 +00:00
notes: This advisory is available to customer only and has not been reviewed by
CISA.
2022-02-11 18:40:35 +00:00
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Automox
2022-02-11 18:27:35 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.automox.com/log4j-critical-vulnerability-scores-a-10
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Autopsy
2022-02-11 18:40:35 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.autopsy.com/autopsy-and-log4j-vulnerability/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Auvik
2022-02-11 18:40:35 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://status.auvik.com/incidents/58bfngkz69mj
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Avantra SYSLINK
2022-02-11 18:40:35 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avantra.com/support/solutions/articles/44002291388-cve-2021-44228-log4j-2-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Avaya
product: Avaya Analytics
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '3.5'
- '3.6'
- 3.6.1
- '3.7'
- '4'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
2022-02-11 19:11:34 +00:00
product: Avaya Aura Application Enablement Services
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 19:03:21 +00:00
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 8.1.3.2
- 8.1.3.3
- '10.1'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
2022-02-11 19:11:34 +00:00
notes: ''
references:
2022-02-11 19:11:34 +00:00
- '[PSN020551u](https://download.avaya.com/css/public/documents/101079386)'
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
2022-02-11 19:11:34 +00:00
product: Avaya Aura Contact Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 7.0.2
- 7.0.3
- '7.1'
- 7.1.1
- 7.1.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
2022-02-11 19:11:34 +00:00
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
2022-02-11 19:11:34 +00:00
product: Avaya Aura Device Services
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- '8'
- 8.0.1
- 8.0.2
- '8.1'
- 8.1.3
- 8.1.4
- 8.1.5
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
2022-02-11 19:11:34 +00:00
product: Avaya Aura for OneCloud Private
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- ''
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
2022-02-11 19:11:34 +00:00
notes: Avaya is scanning and monitoring its OneCloud Private environments as part
of its management activities. Avaya will continue to monitor this fluid situation
and remediations will be made as patches become available, in accordance with
appropriate change processes.
references:
- ''
last_updated: '2021-12-14T00:00:00'
2022-01-24 22:27:28 +00:00
- vendor: Avaya
2022-02-11 19:03:21 +00:00
product: Avaya Aura Media Server
2022-01-24 22:27:28 +00:00
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 8.0.0
- 8.0.1
- 8.0.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- '[PSN020549u](https://download.avaya.com/css/secure/documents/101079316)'
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
2022-02-11 19:03:21 +00:00
product: Avaya Aura Presence Services
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '10.1'
2022-02-11 19:11:34 +00:00
- 7.1.2
- '8'
2022-02-11 19:11:34 +00:00
- 8.0.1
- 8.0.2
- '8.1'
2022-02-11 19:11:34 +00:00
- 8.1.1
- 8.1.2
- 8.1.3
- 8.1.4
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
2022-02-11 19:03:21 +00:00
product: Avaya Aura Session Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '10.1'
2022-02-11 19:11:34 +00:00
- 7.1.3
- '8'
2022-02-11 19:11:34 +00:00
- 8.0.1
- '8.1'
2022-02-11 19:11:34 +00:00
- 8.1.1
- 8.1.2
- 8.1.3
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- '[PSN020550u](https://download.avaya.com/css/public/documents/101079384)'
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
2022-02-11 19:03:21 +00:00
product: Avaya Aura System Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '10.1'
2022-02-11 19:11:34 +00:00
- 8.1.3
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- '[PSN005565u](https://download.avaya.com/css/secure/documents/101079390)'
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
2022-02-11 19:03:21 +00:00
product: Avaya Aura Web Gateway
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 3.11[P]
- 3.8.1[P]
- 3.8[P]
- 3.9.1[P]
- 3.9[P]
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
2022-02-11 19:03:21 +00:00
product: Avaya Breeze
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '3.7'
- '3.8'
2022-02-11 19:11:34 +00:00
- 3.8.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Contact Center Select
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 7.0.2
- 7.0.3
- '7.1'
2022-02-11 19:11:34 +00:00
- 7.1.1
- 7.1.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya CRM Connector - Connected Desktop
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '2.2'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Device Enablement Service
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 3.1.22
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Meetings
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 9.1.10
- 9.1.11
- 9.1.12
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
2022-02-11 19:11:34 +00:00
product: Avaya OneCloud-Private
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- '2'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
2022-02-11 19:11:34 +00:00
product: Avaya OneCloud-Private-UCaaS - Mid Market Aura
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- '1'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Session Border Controller for Enterprise
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 8.0.1
- '8.1'
2022-02-11 19:11:34 +00:00
- 8.1.1
- 8.1.2
- 8.1.3
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- '[PSN020554u](https://download.avaya.com/css/public/documents/101079394)'
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Social Media Hub
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 19:03:21 +00:00
investigated: true
affected_versions:
- ''
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Workforce Engagement
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '5.3'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Business Rules Engine
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '3.4'
- '3.5'
- '3.6'
- '3.7'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Callback Assist
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '5'
2022-02-11 19:11:34 +00:00
- 5.0.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Control Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 9.0.2
- 9.0.2.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Device Enrollment Service
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '3.1'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
2022-02-11 19:03:21 +00:00
product: Equinox Conferencing
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 9.1.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Interaction Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 7.3.9
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
2022-02-11 19:03:21 +00:00
product: IP Office Platform
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 11.0.4
- '11.1'
2022-02-11 19:11:34 +00:00
- 11.1.1
- 11.1.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Proactive Outreach Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
2022-02-11 19:11:34 +00:00
- 3.1.2
- 3.1.3
- '4'
2022-02-11 19:11:34 +00:00
- 4.0.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: AVEPOINT
2022-02-11 18:40:35 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.avepoint.com/company/java-zero-day-vulnerability-notification
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AVM
2022-02-11 18:40:35 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 18:40:35 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-02-11 18:40:35 +00:00
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://avm.de/service/aktuelle-sicherheitshinweise/#Schwachstelle%20im%20Java-Projekt%20%E2%80%9Elog4j%E2%80%9C
2022-02-11 18:40:35 +00:00
notes: devices, firmware, software incl. MyFritz Service.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AvTech RoomAlert
2022-02-11 18:40:35 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://avtech.com/articles/23124/java-exploit-room-alert-link/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
2022-02-11 18:40:35 +00:00
- vendor: AXIS
product: OS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
2022-02-11 18:40:35 +00:00
investigated: true
affected_versions: []
fixed_versions: []
2022-02-11 18:40:35 +00:00
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
2022-02-11 18:40:35 +00:00
- https://help.axis.com/axis-os
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AXON
2022-02-11 18:40:35 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://my.axon.com/s/trust/response-to-log4j2-vuln?language=en_US
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AXS Guard
2022-02-11 18:40:35 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.axsguard.com/en_US/blog/security-news-4/log4j-vulnerability-77
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Axways Applications
2022-02-11 18:40:35 +00:00
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.axway.com/news/1331/lang/en
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
...