diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index 93ed32f..c55f6c9 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -664,12 +664,12 @@ NOTE: This file is automatically generated. To submit updates, please refer to | CyberRes | | | | Unknown | [link](https://community.microfocus.com/cyberres/b/sws-22/posts/summary-of-cyberres-impact-from-log4j-or-logshell-logjam-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Daktronics | All Sport Pro | | | Unknown | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 | | Daktronics | Dakronics Media Player | | | Not Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 | -| Daktronics | Dakronics Web Player | DWP-1000 | | Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | DWP-1000: Not present in our codebase, but awaiting confirmation from LG re: webOS platform. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 | +| Daktronics | Dakronics Web Player | DWP-1000 | | Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | DWP-1000 is not present in our codebase, but awaiting confirmation from LG re webOS platform. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 | | Daktronics | Data Vision Software (DVS) | | | Unknown | [link](https://www.daktronics.com/en-us/support/kb/000025337) | DVS has one microservice that uses Log4j, but it uses a version that is not impacted. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 | | Daktronics | Dynamic Messaging System (DMS) | | | Unknown | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 | | Daktronics | Dynamic Messaging System - DMS Core Player | | | Not Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 | | Daktronics | Dynamic Messaging System - DMS Player hardware | | | Not Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 | -| Daktronics | Dynamic Messaging System - DMS Web Player | | | Unknown | [link](https://www.daktronics.com/en-us/support/kb/000025337) | DMS Web Player: Not present in our codebase, but awaiting confirmation from LG re: webOS platform. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 | +| Daktronics | Dynamic Messaging System - DMS Web Player | | | Unknown | [link](https://www.daktronics.com/en-us/support/kb/000025337) | DMS Web Player not present in our codebase, but awaiting confirmation from LG re webOS platform. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 | | Daktronics | IBoot - Dataprobe IBoot Devices | | | Not Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 | | Daktronics | Outdoor Smartlink Devices | | | Not Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 | | Daktronics | Routers - Cisco Meraki Z3/Z3c Routers | | | Not Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 | @@ -681,42 +681,54 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Daktronics | Venus Control Suite (VCS) | | | Unknown | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 | | Daktronics | Video Image Processors | | | Not Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 | | Daktronics | Webcam - Mobotix | | | Not Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 | -| DarkTrace | | | | Unknown | [link](https://customerportal.darktrace.com/inside-the-soc/get-article/201) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Dassault Systèmes | | | | Unknown | [link](https://kb.dsxclient.3ds.com/mashup-ui/page/resultqa?id=QA00000102301e) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Databricks | | | | Unknown | [link](https://docs.google.com/document/d/e/2PACX-1vREjwZk17BAHGwj5Phizi4DPFS9EIUbAMX-CswlgbFwqwKXNKZC8MrT-L6wUgfIChsSHtvd_QD3-659/pub) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Datadog | Datadog Agent | | >=6.17.0, <=6.32.2, >=7.17.0, <=7.32.2 | Fixed | [link](https://www.datadoghq.com/log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Dataminer | | | | Unknown | [link](https://community.dataminer.services/responding-to-log4shell-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| DarkTrace | All | | | Unknown | [link](https://customerportal.darktrace.com/inside-the-soc/get-article/201) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Dassault Systèmes | All | | | Unknown | [link](https://kb.dsxclient.3ds.com/mashup-ui/page/resultqa?id=QA00000102301e) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Databricks | All | | | Unknown | [link](https://docs.google.com/document/d/e/2PACX-1vREjwZk17BAHGwj5Phizi4DPFS9EIUbAMX-CswlgbFwqwKXNKZC8MrT-L6wUgfIChsSHtvd_QD3-659/pub) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Datadog | Datadog Agent | | >=6.17.0, <=6.32.2, >=7.17.0, <=7.32.2 | Fixed | [link](https://www.datadoghq.com/log4j-vulnerability/) | JMX monitoring component leverages an impacted version of log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Datadog | datadog-kafka-connect-logs | | < 1.0.2 | Fixed | [link](https://www.datadoghq.com/log4j-vulnerability/) | Version 1.0.2 of the library uses version 2.16.0 of Log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Datadog | datadog-lambda-java | | < 1.0.2 | Fixed | [link](https://www.datadoghq.com/log4j-vulnerability/) | Following AWS recommendation, library updated using the latest version of amazon-lambda-java-log4j2 (1.4.0). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Dataminer | All | | | Unknown | [link](https://community.dataminer.services/responding-to-log4shell-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Datev | | | | Unknown | [link](https://www.datev-community.de/t5/Freie-Themen/Log4-J-Schwachstelle/m-p/258185/highlight/true#M14308) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Datto | | | | Unknown | [link](https://www.datto.com/blog/dattos-response-to-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| dCache.org | | | | Unknown | [link](https://www.dcache.org/post/log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Debian | | | | Unknown | [link](https://security-tracker.debian.org/tracker/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Deepinstinct | | | | Unknown | [link](https://www.deepinstinct.com/blog/log4shell-cve-2021-44228-what-you-need-to-know) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Dell | "Dell EMC PowerMax VMAX VMAX3 and VMAX AFA" | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | "Dell EMC PowerSwitch Z9264F-ON BMC Dell EMC PowerSwitch Z9432F-ON BMC" | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Datto | All | | | Unknown | [link](https://www.datto.com/blog/dattos-response-to-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| DBeaver | All | | | Not Affected | [link](https://www.dcache.org/post/log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| dCache.org | All | | | Unknown | [link](https://www.dcache.org/post/log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Debian | Apache-log4j.1.2 | | | Not Affected | [link](https://security-tracker.debian.org/tracker/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Debian | Apache-log4j2 | | | Unknown | [link](https://security-tracker.debian.org/tracker/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Decos | Cloud | | | Not Affected | [link](https://decos.freshdesk.com/nl/support/solutions/articles/17000121598) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 | +| Decos | EvenementenAssistent + InkomensAssistent + Leerlingenvervoer + AIM online | | | Not Affected | [link](https://decos.freshdesk.com/nl/support/solutions/articles/17000121598) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 | +| Decos | Fixi | | | Not Affected | [link](https://decos.freshdesk.com/nl/support/solutions/articles/17000121598) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 | +| Decos | Integrations (StUF/ZGW/Doclogic-DataIntegrator) | | | Not Affected | [link](https://decos.freshdesk.com/nl/support/solutions/articles/17000121598) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 | +| Decos | JOIN Klant Contact | | | Not Affected | [link](https://decos.freshdesk.com/nl/support/solutions/articles/17000121598) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 | +| Decos | JOIN Zaak &I Document (on-premise) | | All | Fixed | [link](https://decos.freshdesk.com/nl/support/solutions/articles/17000121598) | The solution contains Elasticsearch (vulnerable). Mitigating actions available on our WIKI. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 | +| Decos | JOIN Zaak &I Document (on-premise) | | All | Fixed | [link](https://decos.freshdesk.com/nl/support/solutions/articles/17000121598) | The SaaS hosted solution contains Logstash + Elasticsearch (vulnerable). Mitigating actions taken. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 | +| Deepinstinct | All | | | Unknown | [link](https://www.deepinstinct.com/blog/log4shell-cve-2021-44228-what-you-need-to-know) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Dell | Alienware Command Center | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Alienware OC Controls | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Alienware On Screen Display | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Alienware Update | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | APEX Console | | N/A | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Cloud environment patched | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | APEX Data Storage Services | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Cloud environment patch in progress | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | APEX Console | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Cloud environment patched. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | APEX Data Storage Services | | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Cloud environment patch in progress. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Atmos | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Azure Stack HCI | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Avamar vproxy | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | CalMAN Powered Calibration Firmware | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | CalMAN Ready for Dell | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Centera | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Chameleon Linux Based Diagnostics | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Chassis Management Controller (CMC) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | China HDD Deluxe | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Cloud IQ | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Cloud environment patched | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Client Platforms (Latitude, OptiPlex, Alienware, Inspiron, Precision, XPS, Vostro, ChengMing) BIOS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Cloud IQ | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Cloud environment patched. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Cloud Mobility for Dell EMC Storage | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Cloud Tiering Appliance | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | CloudIQ Collector | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Common Event Enabler | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Connectrix (Cisco MDS 9000 switches) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Connectrix (Cisco MDS DCNM) | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/23/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Connectrix B-Series SANnav | 2.1.1 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 3/31/2022 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Connectrix (Cisco MDS DCNM) | V, e, r, s, i, o, n, s, , p, r, i, o, r, , t, o, , 1, 1, ., 5, (, 1, x, ) | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/23/21. | [DSA-2021-302](https://www.dell.com/support/kbdoc/en-us/000194797/dsa-2021-302-dell-connectrix-mds-dcnm-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Connectrix B-Series SANnav | 2.1.1 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 2/28/2022. | [DSA-2021-266](https://www.dell.com/support/kbdoc/en-us/000194461/dsa-2021-266-dell-emc-connectrix-b-series-sannav-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Connextrix B Series | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | CyberSecIQ Application | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | CyberSense for PowerProtect Cyber Recovery | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Data Domain OS | Versions between 7.3.0.5 and 7.7.0.6;Versions before 7.6.0.30 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-274 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Data Domain OS | Versions from 7.3.0.5 to 7.7.0.6 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-274 | [DSA-2021-274](https://www.dell.com/support/kbdoc/en-us/000194503/dsa-2021-274-dell-emc-data-domain-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell BSAFE Crypto-C Micro Edition | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell BSAFE Crypto-J | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell BSAFE Micro Edition Suite | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | @@ -744,65 +756,67 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Dell | Dell Display Manager 1.5 for Windows / macOS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell Display Manager 2.0 for Windows / macOS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC AppSync | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC Avamar | "18.2 19.1 19.2 19.3 19.4" | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/20/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC BSN Controller Node | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-305 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC Cloud Disaster Recovery | N/A | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC Avamar | 18.2, 19.1, 19.2, 19.3, 19.4 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/20/21. | [DSA-2021-277](https://www.dell.com/support/kbdoc/en-us/000194480/dsa-2021-277-dell-emc-avamar-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC BSN Controller Node | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-305 | [DSA-2021-305](https://www.dell.com/support/kbdoc/en-us/000194631/dsa-2021-305-dell-emc-bsn-controller-node-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC Cloud Disaster Recovery | Versions from 19.6 and later | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | [DSA-2021-289](https://www.dell.com/support/kbdoc/en-us/000194663/dsa-2021-289-dell-emc-cloud-disaster-recovery-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-and-cve-2021-45046) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC Cloudboost | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC CloudLink | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC Container Storage Modules | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC Data Computing Appliance (DCA) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC Data Protection Advisor | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC Data Protection Central | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021- 269 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC Data Protection Search | Versions before 19.5.0.7 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-279 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC Data Protection Advisor | | 18.x (or earlier) -standalone DPA is EOSL, 18.2.x (IDPA), 19.1.x, 19.2.x, 19.3.x, 19.4.x, 19.5.x, 19.6.0 | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | [DSA-2021-309](https://www.dell.com/support/kbdoc/en-us/000194651/dsa-2021-309-dell-emc-dpa-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC Data Protection Central | | 18.2.x-19.4.x, 19.5.0-19.5.0.7 | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-269 | [DSA-2021-269](https://www.dell.com/support/kbdoc/en-us/000194557/dsa-2021-269-dell-emc-data-protection-central-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC Data Protection Search | Versions before 19.6 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-279 | [DSA-2021-279](https://www.dell.com/support/kbdoc/en-us/000194629/dsa-2021-279-dell-emc-data-protection-search-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC DataIQ | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC Disk Library for Mainframe | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC ECS | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/18/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC Enterprise Storage Analytics for vRealize Operations | "<6.0.0 6.1.0 6.2.x" | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-278 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC Enterprise Storage Analytics for vRealize Operations | <6.0.0, 6.1.0, 6.2.x | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-278 | [DSA-2021-278](https://www.dell.com/support/kbdoc/en-us/000194488/dsa-2021-278) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC GeoDrive | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC Integrated System for Azure Stack HCI | N/A | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | "Dell EMC Integrated System for Azure Stack HCI is not impacted by this advisory. If Dell EMC SupportAssist Enterprise (SAE) or Dell EMC Secure Connect Gateway (SCG) were optionally installed with Dell EMC Integrated System for Azure Stack HCI monitor the following advisories. Apply workaround guidance and remediations as they become [available:](https://www.dell.com/support/kbdoc/en-us/000194622/dsa-2021-307-dell-emc-integrated-system-for-azure-stack-hci-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC Integrated System for Microsoft Azure Stack Hub | N/A | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC Integrated System for Azure Stack HCI | | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Dell EMC Integrated System for Azure Stack HCI is not impacted by this advisory. If Dell EMC SupportAssist Enterprise (SAE) or Dell EMC Secure Connect Gateway (SCG) were optionally installed with Dell EMC Integrated System for Azure Stack HCI monitor the following advisories. See DSA-2021-307. | [DSA-2021-307](https://www.dell.com/support/kbdoc/en-us/000194622/dsa-2021-307-dell-emc-integrated-system-for-azure-stack-hci-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC Integrated System for Microsoft Azure Stack Hub | | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 2022-01-31. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC Isilon InsightIQ | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC License Manager | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC Metro Node | 7.0.x | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-308 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC NetWorker Server | "19.5.x 19.4.x 19.3.x" | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/20/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC NetWorker Virtual Edition | "19.5.x 19.4.x 19.3.x" | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/20/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC Metro Node | Versions before 7.0.1 P2 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-308 | [DSA-2021-308](https://www.dell.com/support/kbdoc/en-us/000194630/dsa-2021) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC NetWorker | 19.4.x, 19.5.x | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/20/21 | [DSA-2021-280](https://www.dell.com/support/kbdoc/en-us/000194541/dsa-2021-280-dell-emc-networker-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC NetWorker VE | 19.4.x, 19.5.x | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/20/21 | [DSA-2021-280](https://www.dell.com/support/kbdoc/en-us/000194541/dsa-2021-280-dell-emc-networker-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC Networking Onie | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC Networking Virtual Edge Platform with VersaOS | "with Versa Concerto with Versa Analytics with Versa Concero Director" | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-304 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC Networking Virtual Edge Platform with VersaOS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC OpenManage Ansible Modules | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC OpenManage Enterprise Services | Version 1.2 and earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/20/21 | [DSA-2021-276](https://www.dell.com/support/kbdoc/en-us/000194652/dsa-2021-276-dell-emc-openmanage-enterprise-services-security-update-for-apache-log4j-remote-code-execution-vulnerabilities-cve-2021-44228-cve-2021-45046) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC OpenManage integration for Splunk | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC OpenManage Integration for VMware vCenter | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC OpenManage Management pack for vRealize Operations | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC OpenManage Operations Connector for Micro Focus Operations Bridge Manager | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC PowerFlex Appliance | "All versions up to Intelligent Catalog 38_356_00_r10.zip All versions up to Intelligent Catalog 38_362_00_r7.zip" | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC PowerFlex Rack | N/A | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC PowerFlex Software (SDS) | "3.5 3.5.1 3.5.1.1 3.5.1.2 3.5.1.3 3.5.1.4 3.6 3.6.0.1 3.6.0.2" | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC PowerFlex Appliance | | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-293. | [DSA-2021-293](https://www.dell.com/support/kbdoc/en-us/000194579/dsa-2021-293-dell-powerflex-appliance-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC PowerFlex Rack | RCM 3.3 train - all versions up to 3.3.11.0, RCM 3.4 train - all versions up to 3.4.6.0, RCM 3.5 train - all versions up to 3.5.6.0, RCM 3.6 train - all versions up to 3.6.2.0 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-292. | [DSA-2021-292](https://www.dell.com/support/kbdoc/en-us/000194578/dsa-2021-292-dell-powerflex-rack-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC PowerFlex Software (SDS) | 3.5, 3.5.1, 3.5.1.1, 3.5.1.2, 3.5.1.3, 3.5.1.4, 3.6, 3.6.0.1, 3.6.0.2 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-272. | [DSA-2021-272](https://www.dell.com/support/kbdoc/en-us/000194548/dsa-2021-272-dell-powerflex-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC PowerPath | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC PowerPath Management Appliance | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC PowerProtect Cyber Recovery | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC PowerProtect Data Manager | All versions 19.9 and earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC PowerProtect DP Series Appliance (iDPA) | 2.7.0 and earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC PowerProtect Data Manager | All versions 19.9 and earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-286. | [DSA-2021-286](https://www.dell.com/support/kbdoc/en-us/000194549/dsa-2021-286-dell-emc-power-protect-data-manager-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC PowerProtect DP Series Appliance (iDPA) | 2.7.0 and earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA 2021-285. | [DSA-2021-285](https://www.dell.com/support/kbdoc/en-us/000194532/dsa-2021-285-dell-emc-integrated-data-protection-appliance-powerprotect-dp-series-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC PowerScale OneFS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC PowerShell for PowerMax | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC PowerShell for Powerstore | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC PowerShell for Unity | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC PowerStore | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/23/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC PowerVault MD3 Series Storage Arrays | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC PowerStore | Versions before 2.0.1.3-1538564 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-295. | [DSA-2021-295](https://www.dell.com/support/kbdoc/en-us/000194739/dsa-2021-295-dell-emc-powerstore-family-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-and-cve-2021-45046) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC PowerSwitch Z9264F-ON BMC | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC PowerSwitch Z9432F-ON BMC | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC PowerVault ME4 Series Storage Arrays | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC RecoverPoint Classic | All 5.1.x and later versions | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC RecoverPoint for Virtual Machine | All 5.0.x and later versions | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC RecoverPoint | All | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA 2021-284. | [DSA 2021-284](https://www.dell.com/support/kbdoc/en-us/000194531/dsa-2021-284-dell-emc-recoverpoint-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC Repository Manager (DRM) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC Ruckus SmartZone 100 Controller | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-303 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC Ruckus SmartZone 300 Controller | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-303 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC Ruckus Virtual Software | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-303 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC Ruckus SmartZone 100 Controller | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-303 | [DSA-2021-303](https://www.dell.com/support/kbdoc/en-us/000194616/dsa-2021-303-dell-emc-ruckus-wireless-controller-and-virtual-software-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC Ruckus SmartZone 300 Controller | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-303 | [DSA-2021-303](https://www.dell.com/support/kbdoc/en-us/000194616/dsa-2021-303-dell-emc-ruckus-wireless-controller-and-virtual-software-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC Ruckus Virtual Software | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-303 | [DSA-2021-303](https://www.dell.com/support/kbdoc/en-us/000194616/dsa-2021-303-dell-emc-ruckus-wireless-controller-and-virtual-software-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC SourceOne | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC SRM vApp | Versions before 4.6.0.2 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 1/25/2022 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC Streaming Data Platform | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/18/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC SRM | | Versions before 4.6.0.2 | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-301. | [DSA-2021-301](https://www.dell.com/support/kbdoc/en-us/000194613/dsa-2021-301) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC Streaming Data Platform | 1.1, 1.2, 1.2 HF1, 1.3, 1.3.1 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-297. | [DSA-2021-297](https://www.dell.com/support/kbdoc/en-us/000194627/dsa-2021-297-dell-emc-streaming-data-platform-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC Systems Update (DSU) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC Unisphere 360 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC Unity | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/29/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC Unity | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-294. | [DSA-2021-294](https://www.dell.com/support/kbdoc/en-us/000194826/dsa-2021-294-dell-emc-unity-dell-emc-unityvsa-and-dell-emc-unity-xt-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046-and-cve-2021-45105) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC Virtual Storage Integrator | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC VPLEX | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell EMC VxRail | "4.5.x 4.7.x 7.0.x" | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC vProtect | 19.5-19.9 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2022-007. | [DSA-2022-007](https://www.dell.com/support/kbdoc/en-us/000195003/title-dsa-2022-007-dell-emc-vprotect-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC VxRail | 4.5.x, 4.7.x, 7.0.x | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-265. | [DSA-2021-265](https://www.dell.com/support/kbdoc/en-us/000194466/dsa-2021-265-dell-emc-vxrail-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell EMC XC | | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-311. | [DSA-2021-311](https://www.dell.com/support/kbdoc/en-us/000194822/dsa-2021-311-dell-emc-xc-series-and-core-appliance-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046-and-cve-2021-45105) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell EMC XtremIO | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell Encryption Enterprise* | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell Encryption Personal* | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | @@ -811,15 +825,18 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Dell | Dell ImageAssist | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell Insights Client | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell Linux Assistant | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell Memory Solutions | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell Mobile Connect | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell Monitor ISP (Windows/Mac/Linux) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell Monitor SDK | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell Networking X-Series | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell Open Manage Mobile | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell Open Manage Server Administrator | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell Open Management Enterprise - Modular | <1.40.10 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-268 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell OpenManage Change Management | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Dell OpenManage Enterprise Power Manager Plugin | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell OpenManage Enterprise | Versions before 3.8.2 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-275 | [DSA-2021-275](https://www.dell.com/support/kbdoc/en-us/000194638/dsa-2021-275-dell-emc-openmanage-enterprise-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell OpenManage Enterprise CloudIQ plugin | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell OpenManage Enterprise Modular | Versions before 1.40.10 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-268 | [DSA-2021-268](https://www.dell.com/support/kbdoc/en-us/000194625/dsa-2021-268-dell-emc-openmanage-enterprise-modular-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell OpenManage Enterprise Power Manager plugin | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell OpenManage Mobile | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Dell OpenManage Server Administrator | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell Optimizer | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell OS Recovery Tool | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell Peripheral Manager 1.4 / 1.5 for Windows | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | @@ -840,13 +857,13 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Dell | Dell True Color | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell Trusted Device | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dell Update | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | DellEMC OpenManage Enterprise Services | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/20/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Dream Catcher | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | DUP Creation Service | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | DUP Framework (ISG) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | ECS | | 3.3.x, 3.4.x, 3.5.x, 3.6.0.x, 3.6.1.x, 3.6.2.0 | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-273. | [DSA-2021-273](https://www.dell.com/support/kbdoc/en-us/000194612/dsa-2021-273-dell-emc-ecs-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Embedded NAS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Embedded Service Enabler | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Enterprise Hybrid Cloud | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | [link](https://www.dell.com/support/kbdoc/en-us/000194490/dsa-2021-270-enterprise-hybrid-cloud-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Enterprise Hybrid Cloud | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-270. | [DSA-2021-270](https://www.dell.com/support/kbdoc/en-us/000194490/dsa-2021-270-enterprise-hybrid-cloud-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Equallogic PS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Fluid FS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | iDRAC Service Module (iSM) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | @@ -854,9 +871,11 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Dell | Integrated Dell Remote Access Controller (iDRAC) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | ISG Accelerators | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | ISG Board & Electrical | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | ISG Drive & Storage Media | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | IsilonSD Management Server | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | IVE-WinDiag | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Mainframe Enablers | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | MDS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | My Dell | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | MyDell Mobile | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | NetWorker Management Console | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | @@ -864,7 +883,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Dell | Networking DIAG | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Networking N-Series | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Networking OS 10 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Networking OS9 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Networking OS 9 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Networking SD-WAN Edge SD-WAN | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Networking W-Series | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Networking X-Series | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | @@ -872,15 +891,18 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Dell | OMNIA | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | OpenManage Connections - Nagios | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | OpenManage Connections - ServiceNow | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | OpenManage Enterprise | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | OpenManage Integration for Microsoft System Center for System Center Operations Manager | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | OpenManage Integration with Microsoft Windows Admin Center | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | OpenManage Network Integration | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | OpenManage Power Center | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | PowerConnect N3200 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | PowerConnect PC2800 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | PowerConnect PC8100 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | PowerEdge Accelerator Solutions | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | PowerEdge BIOS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | PowerEdge Networking Solutions | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | PowerEdge Operating Systems | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | PowerEdge RAID Controller Solutions | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | PowerTools Agent | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | PPDM Kubernetes cProxy | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | PPDM VMware vProxy | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | @@ -890,8 +912,9 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Dell | Rugged Control Center (RCC) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | SD ROM Utility | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | SDNAS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Secure Connect Gateway (SCG) Appliance | "5.00.00 5.00.05 and 4.0.06 and earlier versions (OVF and VHD)" | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-282 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Secure Connect Gateway (SCG) Policy Manager | "5.00.00.10 5.00.05.10" | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-281 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Secure Connect Gateway (SCG) Appliance | "5.00.00 5.00.05 and 4.0.06 and earlier versions (OVF and VHD)" | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-282 | [] | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Secure Connect Gateway (SCG) Appliance | | 5.00.00, 5.00.05, and 4.0.06 and earlier versions (OVF and VHD) | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-282 | [DSA-2021-282](https://www.dell.com/support/kbdoc/en-us/000194624/dsa-2021-282-dell-emc-secure-connect-gateway-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Secure Connect Gateway (SCG) Policy Manager | | 5.00.00.10, 5.00.05.10 | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-281 | [DSA-2021-281](https://www.dell.com/support/kbdoc/en-us/000194539/dsa-2021-281-dell-emc-policy-manager-for-secure-connect-gateway-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Server Storage | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Smart Fabric Storage Software | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | SmartByte | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | @@ -900,103 +923,108 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Dell | Solutions Enabler | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Solutions Enabler vApp | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Sonic | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | SRS Policy Manager | 7 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | SRS Policy Manager | | 7.0 | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-287. | [DSA-2021-287](https://www.dell.com/support/kbdoc/en-us/000194544/dsa-2021-287-dell-emc-srs-policy-manager-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | SRS VE | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Storage Center - Dell Storage Manager | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Storage Center - Dell Storage Manager | 16.x, 17.x, 18.x, 19.x, 20.1.1 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-310. | [DSA-2021-310](https://www.dell.com/support/kbdoc/en-us/000194790/dsa-2021-310-storage-center-dell-storage-manager-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Storage Center OS and additional SC applications unless otherwise noted | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | SupportAssist Client Commercial | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | SupportAssist Client Consumer | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | SupportAssist Enterprise | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/23/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | SupportAssist Enterprise | 2.0.70 and earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-283. | [DSA-2021-283](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | UCC Edge | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Unisphere Central | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 1/10/2022 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Unisphere Central | | Versions before 4.0 SP 9.2 (4.0.9.1541235) | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-296. | [DSA-2021-296](https://www.dell.com/support/kbdoc/en-us/000194874/dsa-2021-296-dell-emc-unisphere-central-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046-and-cve-2021-45105) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Unisphere for PowerMax | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Unisphere for PowerMax vApp | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Unisphere for VMAX | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Unisphere for VNX | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Update Manager Plugin | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Vblock | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending See vce6771 (requires customer login) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Vblock | | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending See vce6771 (requires customer login). This advisory is available to customer only and has not been reviewed by CISA. | [vce6771](https://support-dellemc-com.secure.force.com/) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | ViPR Controller | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | VMware vRealize Automation 8.x | "8.2 8.3 8.4 8.5 and 8.6" | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | VMware vRealize Orchestrator 8.x | "8.2 8.3 8.4 8.5 and 8.6" | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | VMware vRealize Automation 8.x | 8.2 8.3 8.4 8.5 and 8.6 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | VMware vRealize Orchestrator 8.x | 8.2 8.3 8.4 8.5 and 8.6 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | VNX Control Station | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | VNX1 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | VNX2 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | VNXe 1600 | Versions 3.1.16.10220572 and earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | VNXe 3200 | Version 3.1.15.10216415 and earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | VNXe 1600 | | Versions 3.1.16.10220572 and earlier | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-299 | [DSA-2021-299](https://www.dell.com/support/kbdoc/en-us/000194605/dsa-2021-299-dell-emc-vnxe1600-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228?lang=en) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | VNXe 3200 | | Version 3.1.15.10216415 and earlier | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-298 | [DSA-2021-298](https://www.dell.com/support/kbdoc/en-us/000194606/dsa-2021-298-dell-emc-vnxe3200-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228?lang=en) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | VPLEX VS2/VS6 / VPLEX Witness | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | vRealize Data Protection Extension Data Management | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | vRealize Data Protection Extension for vRealize Automation (vRA) 8.x | "version 19.6 version 19.7 version 19.8 and version 19.9" | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | vRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage | Various | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | vRO Plugin for Dell EMC PowerMax | Version 1.2.3 or earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | vRO Plugin for Dell EMC PowerScale | Version 1.1.0 or earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | vRealize Data Protection Extension Data Management | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-290. | [DSA-2021-290](https://www.dell.com/support/kbdoc/en-us/000194614/dsa-2021-290-dell-emc-vrealize-data-protection-extension-for-vrealize-automation-vra-8-x-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | vRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300. | [DSA-2021-300](https://www.dell.com/support/kbdoc/en-us/000194610/dsa-2021-300) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | vRO Plugin for Dell EMC PowerMax | | Version 1.2.3 or earlier | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | vRO Plugin for Dell EMC PowerScale | | Version 1.1.0 or earlier | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | vRO Plugin for Dell EMC PowerStore | Version 1.1.4 or earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | vRO Plugin for Dell EMC Unity | Version 1.0.6 or earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | vRO Plugin for Dell EMC XtremIO | Version 4.1.2 or earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Vsan Ready Nodes | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | VxBlock | | | Unknown | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | "Patch pending See vce6771 (requires customer login) " | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | VxBlock | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending See vce6771 (requires customer login). This advisory is available to customer only and has not been reviewed by CISA. | [vce6771](https://support-dellemc-com.secure.force.com/) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Warnado MLK (firmware) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| Dell | Wyse Management Suite | <3.5 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-267 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dell | Wyse Management Suite | | < 3.5 | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-267 | [DSA-2021-267](https://www.dell.com/support/kbdoc/en-us/000194459/dsa-2021-267-dell-wyse-management-suite-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Wyse Proprietary OS (ThinOS) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Dell | Wyse Windows Embedded Suite | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Deltares | Delft-FEWS | | >2018.02 | Fixed | [link](https://publicwiki.deltares.nl/display/FEWSDOC/Delft-FEWS+and+Log4J+vulnerability) | Mitigations Only | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | -| Denequa | | | | Unknown | [link](https://denequa.de/log4j-information.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Device42 | | | | Unknown | [link](https://blog.device42.com/2021/12/13/log4j-zero-day/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Devolutions | All products | | | Unknown | [link](https://blog.devolutions.net/2021/12/critical-vulnerability-in-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Diebold Nixdorf | | | | Unknown | [link](https://www.dieboldnixdorf.com/en-us/apache) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Digi International | AnywhereUSB Manager | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | ARMT | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Aview | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | AVWOB | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | CTEK G6200 family | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | CTEK SkyCloud | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | CTEK Z45 family | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi 54xx family | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi 63xx family | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi AnywhereUSB (G2) family | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi AnywhereUSB Plus family | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi Connect EZ family | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi Connect family | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi Connect IT family | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi Connect Sensor family | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi Connect WS family | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi ConnectPort family | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi ConnectPort LTS family | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi Embedded Android | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi Embedded Yocto | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi EX routers | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi IX routers | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi LR54 | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi Navigator | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi One family | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi Passport family | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi PortServer TS family | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi Remote Manager | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi TX routers | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi WR11 | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi WR21 | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi WR31 | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi WR44R/RR | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi WR54 | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi WR64 | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Digi Xbee mobile app | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Lighthouse | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Realport | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digi International | Remote Hub Config Utility | | | Unknown | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Digicert | | | | Unknown | [link](https://knowledge.digicert.com/alerts/digicert-log4j-response.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Digital AI | | | | Unknown | [link](https://support.digital.ai/hc/en-us/articles/4412377686674-Log4J-Vulnerability-to-Zero-Day-Exploit-and-Digital-ai#overview-0-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Denequa | All | | | Unknown | [link](https://denequa.de/log4j-information.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Device42 | All | | | Not Affected | [link](https://blog.device42.com/2021/12/13/log4j-zero-day/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Devolutions | All | | | Not Affected | [link](https://blog.devolutions.net/2021/12/critical-vulnerability-in-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Diebold Nixdorf | All | | | Unknown | [link](https://www.dieboldnixdorf.com/en-us/apache) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Digi International | AnywhereUSB Manager | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | ARMT | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Aview | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | AVWOB | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | CTEK G6200 family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | CTEK SkyCloud | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | CTEK Z45 family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi 54xx family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi 63xx family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi AnywhereUSB (G2) family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi AnywhereUSB Plus family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi Connect EZ family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi Connect family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi Connect IT family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi Connect Sensor family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi Connect WS family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi ConnectPort family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi ConnectPort LTS family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi Embedded Android | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi Embedded Yocto | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi EX routers | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi IX routers | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi LR54 | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi Navigator | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi One family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi Passport family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi PortServer TS family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi Remote Manager | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi TX routers | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi WR11 | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi WR21 | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi WR31 | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi WR44R/RR | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi WR54 | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi WR64 | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Digi Xbee mobile app | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Lighthouse | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Realport | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digi International | Remote Hub Config Utility | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Digicert | All | | | Unknown | [link](https://knowledge.digicert.com/alerts/digicert-log4j-response.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Digital AI | All | | | Unknown | [link](https://support.digital.ai/hc/en-us/articles/4412377686674-Log4J-Vulnerability-to-Zero-Day-Exploit-and-Digital-ai#overview-0-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Digital Alert Systems | All | | | Unknown | [link](https://www.digitalalertsystems.com/default-2.htm) | Formerly Monroe Electronics, Inc. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | -| DNSFilter | | | | Unknown | [link](https://www.dnsfilter.com/blog/dnsfilter-response-to-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Docker | | | | Unknown | [link](https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Docusign | | | | Unknown | [link](https://www.docusign.com/trust/alerts/alert-docusign-statement-on-the-log4j2-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| DrayTek | Vigor Routers, Access Points, Switches, VigorACS Central Management Software, MyVigor Platform | | | Unknown | [link](https://www.draytek.com/about/security-advisory/log4shell-vulnerability-(cve-2021-44228)/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| DSpace | | | | Unknown | [link](https://groups.google.com/g/dspace-community/c/Fa4VdjiiNyE) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Dynatrace | ActiveGate | | | Unknown | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Dynatrace | Dynatrace Extensions | | | Unknown | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | Please see Dynatrace Communication for details | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Dynatrace | FedRamp SAAS | | | Unknown | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Dynatrace | Managed cluster nodes | | | Unknown | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | Please see Dynatrace Communication for details | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Dynatrace | OneAgent | | | Unknown | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Dynatrace | SAAS | | | Unknown | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Dynatrace | Synthetic Private ActiveGate | | | Unknown | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | Please see Dynatrace Communication for details | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Dynatrace | Synthetic public locations | | | Unknown | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| DirectAdmin | All | | | Not Affected | [link](https://forum.directadmin.com/threads/new-zero-day-exploit-for-log4j-java-library-is-an-enterprise-nightmare.65173/#post-339723) | Invidivual plugins not developed as part of DirectAdmin core may be vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | +| DNSFilter | All | | | Unknown | [link](https://www.dnsfilter.com/blog/dnsfilter-response-to-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Docker | Infrastructure | | | Not Affected | [link](https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/) | Docker infrastructure not vulnerable, Docker images could be vulnerable. For more info see source. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Docusign | All | | | Unknown | [link](https://www.docusign.com/trust/alerts/alert-docusign-statement-on-the-log4j2-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| DotCMS | Hybrid Content Management System | | | Fixed | [link](https://github.com/dotCMS/core/issues/21393) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| DrayTek | All | | | Not Affected | [link](https://www.draytek.com/about/security-advisory/log4shell-vulnerability-(cve-2021-44228)/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dropwizard | All | | | Not Affected | [link](https://twitter.com/dropwizardio/status/1469285337524580359) | Only vulnerable if you manually added Log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Dräger | All | | | Not Affected | [link](https://static.draeger.com/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| DSpace | All | | | Unknown | [link](https://groups.google.com/g/dspace-community/c/Fa4VdjiiNyE) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Dynatrace | ActiveGate | | | Fixed | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Dynatrace | Cloud Services | | | Fixed | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | Please see Dynatrace Communication for details | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Dynatrace | Extensions | | | Fixed | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | Please see Dynatrace Communication for details | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Dynatrace | FedRamp SAAS | | | Fixed | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Dynatrace | Managed cluster nodes | | | Not Affected | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | Please see Dynatrace Communication for details | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Dynatrace | OneAgent | | | Not Affected | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Dynatrace | SAAS | | | Fixed | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Dynatrace | Synthetic Private ActiveGate | | | Fixed | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | Please see Dynatrace Communication for details | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Dynatrace | Synthetic public locations | | | Fixed | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | | EasyRedmine | | | | Unknown | [link](https://www.easyredmine.com/news/easy-redmine-application-is-not-affected-by-the-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Eaton | Undisclosed | Undisclosed | | Affected | [link](https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-Security-Bulletin%20log4j_CVE_2021_44228_v1.0_Legal-Approved.pdf) | Doesn't openly disclose what products are affected or not for quote 'security purposes'. Needs email registration. No workaround provided due to registration wall. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | EclecticIQ | | | | Unknown | [link](https://docs.eclecticiq.com/security-advisories/security-issues-and-mitigation-actions/eiq-2021-0016-2) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | diff --git a/data/cisagov.yml b/data/cisagov.yml index e2d8bd9..e3488a3 100644 --- a/data/cisagov.yml +++ b/data/cisagov.yml @@ -19067,8 +19067,8 @@ software: unaffected_versions: [] vendor_links: - https://www.daktronics.com/en-us/support/kb/000025337 - notes: 'DWP-1000: Not present in our codebase, but awaiting confirmation from - LG re: webOS platform.' + notes: DWP-1000 is not present in our codebase, but awaiting confirmation from + LG re webOS platform. references: - '' last_updated: '2022-01-06T00:00:00' @@ -19222,8 +19222,8 @@ software: unaffected_versions: [] vendor_links: - https://www.daktronics.com/en-us/support/kb/000025337 - notes: 'DMS Web Player: Not present in our codebase, but awaiting confirmation - from LG re: webOS platform.' + notes: DMS Web Player not present in our codebase, but awaiting confirmation from + LG re webOS platform. references: - '' last_updated: '2022-01-06T00:00:00' @@ -19566,7 +19566,7 @@ software: - '' last_updated: '2022-01-06T00:00:00' - vendor: DarkTrace - product: '' + product: All cves: cve-2021-4104: investigated: false @@ -19590,12 +19590,13 @@ software: unaffected_versions: [] vendor_links: - https://customerportal.darktrace.com/inside-the-soc/get-article/201 - notes: '' + notes: This advisory is available to customer only and has not been reviewed by + CISA. references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Dassault Systèmes - product: '' + product: All cves: cve-2021-4104: investigated: false @@ -19619,12 +19620,13 @@ software: unaffected_versions: [] vendor_links: - https://kb.dsxclient.3ds.com/mashup-ui/page/resultqa?id=QA00000102301e - notes: '' + notes: This advisory is available to customer only and has not been reviewed by + CISA. references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Databricks - product: '' + product: All cves: cve-2021-4104: investigated: false @@ -19656,10 +19658,11 @@ software: product: Datadog Agent cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-44228: investigated: true affected_versions: [] @@ -19681,12 +19684,75 @@ software: unaffected_versions: [] vendor_links: - https://www.datadoghq.com/log4j-vulnerability/ - notes: '' + notes: JMX monitoring component leverages an impacted version of log4j. + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Datadog + product: datadog-kafka-connect-logs + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - < 1.0.2 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.datadoghq.com/log4j-vulnerability/ + notes: Version 1.0.2 of the library uses version 2.16.0 of Log4j. + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Datadog + product: datadog-lambda-java + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - < 1.0.2 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.datadoghq.com/log4j-vulnerability/ + notes: Following AWS recommendation, library updated using the latest version + of amazon-lambda-java-log4j2 (1.4.0). references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Dataminer - product: '' + product: All cves: cve-2021-4104: investigated: false @@ -19744,7 +19810,7 @@ software: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Datto - product: '' + product: All cves: cve-2021-4104: investigated: false @@ -19772,8 +19838,41 @@ software: references: - '' last_updated: '2022-01-12T07:18:50+00:00' + - vendor: DBeaver + product: All + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + vendor_links: + - https://www.dcache.org/post/log4j-vulnerability/ + notes: '' + references: + - '' + last_updated: '2021-12-15T07:18:50+00:00' - vendor: dCache.org - product: '' + product: All cves: cve-2021-4104: investigated: false @@ -19802,18 +19901,20 @@ software: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Debian - product: '' + product: Apache-log4j.1.2 cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - stretch, buster, bullseye cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - stretch, buster, bullseye cve-2021-45046: investigated: false affected_versions: [] @@ -19830,19 +19931,21 @@ software: references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Deepinstinct - product: '' + - vendor: Debian + product: Apache-log4j2 cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - stretch, buster, bullseye cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - stretch, buster, bullseye cve-2021-45046: investigated: false affected_versions: [] @@ -19854,175 +19957,191 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.deepinstinct.com/blog/log4shell-cve-2021-44228-what-you-need-to-know + - https://security-tracker.debian.org/tracker/CVE-2021-44228 notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Dell - product: '"Dell EMC PowerMax VMAX VMAX3 and VMAX AFA"' + - vendor: Decos + product: Cloud cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - All cve-2021-45046: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All cve-2021-45105: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + - https://decos.freshdesk.com/nl/support/solutions/articles/17000121598 notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: '"Dell EMC PowerSwitch Z9264F-ON BMC Dell EMC PowerSwitch Z9432F-ON BMC"' + last_updated: '2022-02-01T07:18:50+00:00' + - vendor: Decos + product: EvenementenAssistent + InkomensAssistent + Leerlingenvervoer + AIM online cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - All cve-2021-45046: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All cve-2021-45105: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + - https://decos.freshdesk.com/nl/support/solutions/articles/17000121598 notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Alienware Command Center + last_updated: '2022-02-01T07:18:50+00:00' + - vendor: Decos + product: Fixi cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - All cve-2021-45046: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All cve-2021-45105: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + - https://decos.freshdesk.com/nl/support/solutions/articles/17000121598 notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Alienware OC Controls + last_updated: '2022-02-01T07:18:50+00:00' + - vendor: Decos + product: Integrations (StUF/ZGW/Doclogic-DataIntegrator) cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - All cve-2021-45046: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All cve-2021-45105: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + - https://decos.freshdesk.com/nl/support/solutions/articles/17000121598 notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Alienware On Screen Display + last_updated: '2022-02-01T07:18:50+00:00' + - vendor: Decos + product: JOIN Klant Contact cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - All cve-2021-45046: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All cve-2021-45105: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + - https://decos.freshdesk.com/nl/support/solutions/articles/17000121598 notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Alienware Update + last_updated: '2022-02-01T07:18:50+00:00' + - vendor: Decos + product: JOIN Zaak &I Document (on-premise) cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All cve-2021-44228: investigated: true affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A + fixed_versions: + - All + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -20032,7 +20151,628 @@ software: investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: [] + vendor_links: + - https://decos.freshdesk.com/nl/support/solutions/articles/17000121598 + notes: The solution contains Elasticsearch (vulnerable). Mitigating actions available + on our WIKI. + references: + - '' + last_updated: '2022-02-01T07:18:50+00:00' + - vendor: Decos + product: JOIN Zaak &I Document (on-premise) + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://decos.freshdesk.com/nl/support/solutions/articles/17000121598 + notes: The SaaS hosted solution contains Logstash + Elasticsearch (vulnerable). + Mitigating actions taken. + references: + - '' + last_updated: '2022-02-01T07:18:50+00:00' + - vendor: Deepinstinct + product: All + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.deepinstinct.com/blog/log4shell-cve-2021-44228-what-you-need-to-know + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Dell + product: Alienware Command Center + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Alienware OC Controls + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Alienware On Screen Display + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Alienware Update + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: APEX Console + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '' + unaffected_versions: [] + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: + - '' + unaffected_versions: [] + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: + - '' + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Cloud environment patched. + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: APEX Data Storage Services + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: + - '' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: true + affected_versions: + - '' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: true + affected_versions: + - '' + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Cloud environment patch in progress. + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Atmos + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Avamar vproxy + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: CalMAN Powered Calibration Firmware + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: CalMAN Ready for Dell + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Centera + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Chameleon Linux Based Diagnostics + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Chassis Management Controller (CMC) + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: China HDD Deluxe + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Client Platforms (Latitude, OptiPlex, Alienware, Inspiron, Precision, + XPS, Vostro, ChengMing) BIOS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Cloud IQ + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: + - '' + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '' + unaffected_versions: [] + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: + - '' + unaffected_versions: [] + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: + - '' + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Cloud environment patched. + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Cloud Mobility for Dell EMC Storage + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' @@ -20040,88 +20780,98 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: APEX Console + product: Cloud Tiering Appliance cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-44228: investigated: true affected_versions: [] - fixed_versions: - - N/A - unaffected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' cve-2021-45046: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45105: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Cloud environment patched + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: APEX Data Storage Services + product: CloudIQ Collector cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45105: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Cloud environment patch in progress + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Atmos + product: Common Event Enabler cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45105: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' @@ -20129,29 +20879,32 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Azure Stack HCI + product: Connectrix (Cisco MDS 9000 switches) cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45105: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' @@ -20159,70 +20912,71 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: CalMAN Powered Calibration Firmware + product: Connectrix (Cisco MDS DCNM) cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: Versions prior to 11.5(1x) fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - '' fixed_versions: [] unaffected_versions: [] cve-2021-45105: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - '' fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: Patch expected by 12/23/21. references: - - '' + - '[DSA-2021-302](https://www.dell.com/support/kbdoc/en-us/000194797/dsa-2021-302-dell-connectrix-mds-dcnm-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: CalMAN Ready for Dell + product: Connectrix B-Series SANnav cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - 2.1.1 fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: Patch expected by 2/28/2022. references: - - '' + - '[DSA-2021-266](https://www.dell.com/support/kbdoc/en-us/000194461/dsa-2021-266-dell-emc-connectrix-b-series-sannav-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Centera + product: Connextrix B Series cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: [] @@ -20231,14 +20985,14 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: [] @@ -20249,7 +21003,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Chameleon Linux Based Diagnostics + product: CyberSecIQ Application cves: cve-2021-4104: investigated: false @@ -20261,7 +21015,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20279,7 +21033,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Chassis Management Controller (CMC) + product: CyberSense for PowerProtect Cyber Recovery cves: cve-2021-4104: investigated: false @@ -20291,7 +21045,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20309,7 +21063,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: China HDD Deluxe + product: Data Domain OS cves: cve-2021-4104: investigated: false @@ -20318,10 +21072,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - Versions from 7.3.0.5 to 7.7.0.6 fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -20334,12 +21088,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: See DSA-2021-274 references: - - '' + - '[DSA-2021-274](https://www.dell.com/support/kbdoc/en-us/000194503/dsa-2021-274-dell-emc-data-domain-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Cloud IQ + product: Dell BSAFE Crypto-C Micro Edition cves: cve-2021-4104: investigated: false @@ -20347,10 +21101,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20363,12 +21118,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Cloud environment patched + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Cloud Mobility for Dell EMC Storage + product: Dell BSAFE Crypto-J cves: cve-2021-4104: investigated: false @@ -20380,7 +21135,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20398,7 +21153,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Cloud Tiering Appliance + product: Dell BSAFE Micro Edition Suite cves: cve-2021-4104: investigated: false @@ -20410,7 +21165,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20428,7 +21183,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Connectrix (Cisco MDS 9000 switches) + product: Dell Calibration Assistant cves: cve-2021-4104: investigated: false @@ -20440,7 +21195,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20458,7 +21213,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Connectrix (Cisco MDS DCNM) + product: Dell Cinema Color cves: cve-2021-4104: investigated: false @@ -20466,10 +21221,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20482,12 +21238,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/23/21 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Connectrix B-Series SANnav + product: Dell Cloud Command Repository Manager cves: cve-2021-4104: investigated: false @@ -20496,10 +21252,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - 2.1.1 + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20512,12 +21268,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 3/31/2022 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Connextrix B Series + product: Dell Cloud Management Agent cves: cve-2021-4104: investigated: false @@ -20529,7 +21285,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20547,7 +21303,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: CyberSecIQ Application + product: Dell Color Management cves: cve-2021-4104: investigated: false @@ -20559,7 +21315,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20577,7 +21333,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: CyberSense for PowerProtect Cyber Recovery + product: Dell Command Configure cves: cve-2021-4104: investigated: false @@ -20589,7 +21345,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20607,7 +21363,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Data Domain OS + product: Dell Command Integration Suite for System Center cves: cve-2021-4104: investigated: false @@ -20616,10 +21372,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - Versions between 7.3.0.5 and 7.7.0.6;Versions before 7.6.0.30 + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20632,12 +21388,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-274 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell BSAFE Crypto-C Micro Edition + product: Dell Command Intel vPro Out of Band cves: cve-2021-4104: investigated: false @@ -20649,7 +21405,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20667,7 +21423,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell BSAFE Crypto-J + product: Dell Command Monitor cves: cve-2021-4104: investigated: false @@ -20679,7 +21435,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20697,7 +21453,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell BSAFE Micro Edition Suite + product: Dell Command Power Manager cves: cve-2021-4104: investigated: false @@ -20709,7 +21465,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20727,7 +21483,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Calibration Assistant + product: Dell Command PowerShell Provider cves: cve-2021-4104: investigated: false @@ -20739,7 +21495,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20757,7 +21513,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Cinema Color + product: Dell Command Update cves: cve-2021-4104: investigated: false @@ -20769,7 +21525,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20787,7 +21543,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Cloud Command Repository Manager + product: Dell Customer Connect cves: cve-2021-4104: investigated: false @@ -20799,7 +21555,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20817,7 +21573,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Cloud Management Agent + product: Dell Data Guardian* cves: cve-2021-4104: investigated: false @@ -20829,7 +21585,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20847,7 +21603,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Color Management + product: Dell Data Protection* cves: cve-2021-4104: investigated: false @@ -20859,7 +21615,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20877,7 +21633,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Command Configure + product: Dell Data Recovery Environment cves: cve-2021-4104: investigated: false @@ -20889,7 +21645,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20907,7 +21663,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Command Integration Suite for System Center + product: Dell Data Vault cves: cve-2021-4104: investigated: false @@ -20919,7 +21675,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20937,7 +21693,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Command Intel vPro Out of Band + product: Dell Data Vault for Chrome OS cves: cve-2021-4104: investigated: false @@ -20949,7 +21705,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20967,7 +21723,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Command Monitor + product: Dell Deployment Agent cves: cve-2021-4104: investigated: false @@ -20979,7 +21735,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -20997,7 +21753,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Command Power Manager + product: Dell Digital Delivery cves: cve-2021-4104: investigated: false @@ -21009,7 +21765,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21027,7 +21783,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Command PowerShell Provider + product: Dell Direct USB Key cves: cve-2021-4104: investigated: false @@ -21039,7 +21795,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21057,7 +21813,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Command Update + product: Dell Display Manager 1.5 for Windows / macOS cves: cve-2021-4104: investigated: false @@ -21069,7 +21825,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21087,7 +21843,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Customer Connect + product: Dell Display Manager 2.0 for Windows / macOS cves: cve-2021-4104: investigated: false @@ -21099,7 +21855,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21117,7 +21873,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Data Guardian* + product: Dell EMC AppSync cves: cve-2021-4104: investigated: false @@ -21129,7 +21885,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21147,7 +21903,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Data Protection* + product: Dell EMC Avamar cves: cve-2021-4104: investigated: false @@ -21156,10 +21912,14 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - '18.2' + - '19.1' + - '19.2' + - '19.3' + - '19.4' fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -21172,12 +21932,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: Patch expected by 12/20/21. references: - - '' + - '[DSA-2021-277](https://www.dell.com/support/kbdoc/en-us/000194480/dsa-2021-277-dell-emc-avamar-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Data Recovery Environment + product: Dell EMC BSN Controller Node cves: cve-2021-4104: investigated: false @@ -21187,9 +21947,9 @@ software: cve-2021-44228: investigated: true affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A + fixed_versions: + - '' + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -21202,12 +21962,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: See DSA-2021-305 references: - - '' + - '[DSA-2021-305](https://www.dell.com/support/kbdoc/en-us/000194631/dsa-2021-305-dell-emc-bsn-controller-node-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Data Vault + product: Dell EMC Cloud Disaster Recovery cves: cve-2021-4104: investigated: false @@ -21216,10 +21976,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - Versions from 19.6 and later fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -21232,12 +21992,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: Patch pending references: - - '' + - '[DSA-2021-289](https://www.dell.com/support/kbdoc/en-us/000194663/dsa-2021-289-dell-emc-cloud-disaster-recovery-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-and-cve-2021-45046)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Data Vault for Chrome OS + product: Dell EMC Cloudboost cves: cve-2021-4104: investigated: false @@ -21249,7 +22009,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21267,7 +22027,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Deployment Agent + product: Dell EMC CloudLink cves: cve-2021-4104: investigated: false @@ -21279,7 +22039,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21297,7 +22057,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Digital Delivery + product: Dell EMC Container Storage Modules cves: cve-2021-4104: investigated: false @@ -21309,7 +22069,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21327,7 +22087,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Direct USB Key + product: Dell EMC Data Computing Appliance (DCA) cves: cve-2021-4104: investigated: false @@ -21339,7 +22099,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21357,7 +22117,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Display Manager 1.5 for Windows / macOS + product: Dell EMC Data Protection Advisor cves: cve-2021-4104: investigated: false @@ -21367,9 +22127,16 @@ software: cve-2021-44228: investigated: true affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A + fixed_versions: + - 18.x (or earlier) -standalone DPA is EOSL + - 18.2.x (IDPA) + - 19.1.x + - 19.2.x + - 19.3.x + - 19.4.x + - 19.5.x + - 19.6.0 + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -21384,10 +22151,10 @@ software: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - - '' + - '[DSA-2021-309](https://www.dell.com/support/kbdoc/en-us/000194651/dsa-2021-309-dell-emc-dpa-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Display Manager 2.0 for Windows / macOS + product: Dell EMC Data Protection Central cves: cve-2021-4104: investigated: false @@ -21397,9 +22164,10 @@ software: cve-2021-44228: investigated: true affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A + fixed_versions: + - 18.2.x-19.4.x + - 19.5.0-19.5.0.7 + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -21412,12 +22180,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: See DSA-2021-269 references: - - '' + - '[DSA-2021-269](https://www.dell.com/support/kbdoc/en-us/000194557/dsa-2021-269-dell-emc-data-protection-central-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC AppSync + product: Dell EMC Data Protection Search cves: cve-2021-4104: investigated: false @@ -21426,10 +22194,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - Versions before 19.6 fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -21442,12 +22210,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: See DSA-2021-279 references: - - '' + - '[DSA-2021-279](https://www.dell.com/support/kbdoc/en-us/000194629/dsa-2021-279-dell-emc-data-protection-search-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Avamar + product: Dell EMC DataIQ cves: cve-2021-4104: investigated: false @@ -21456,10 +22224,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - '"18.2 19.1 19.2 19.3 19.4"' + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21472,12 +22240,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/20/21 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC BSN Controller Node + product: Dell EMC Disk Library for Mainframe cves: cve-2021-4104: investigated: false @@ -21485,10 +22253,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21501,12 +22270,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-305 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Cloud Disaster Recovery + product: Dell EMC Enterprise Storage Analytics for vRealize Operations cves: cve-2021-4104: investigated: false @@ -21516,7 +22285,9 @@ software: cve-2021-44228: investigated: true affected_versions: - - N/A + - <6.0.0 + - 6.1.0 + - 6.2.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -21531,12 +22302,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending + notes: See DSA-2021-278 references: - - '' + - '[DSA-2021-278](https://www.dell.com/support/kbdoc/en-us/000194488/dsa-2021-278)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Cloudboost + product: Dell EMC GeoDrive cves: cve-2021-4104: investigated: false @@ -21548,7 +22319,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21566,7 +22337,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC CloudLink + product: Dell EMC Integrated System for Azure Stack HCI cves: cve-2021-4104: investigated: false @@ -21575,10 +22346,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - '' fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -21591,12 +22362,15 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: Dell EMC Integrated System for Azure Stack HCI is not impacted by this + advisory. If Dell EMC SupportAssist Enterprise (SAE) or Dell EMC Secure Connect + Gateway (SCG) were optionally installed with Dell EMC Integrated System for + Azure Stack HCI monitor the following advisories. See DSA-2021-307. references: - - '' + - '[DSA-2021-307](https://www.dell.com/support/kbdoc/en-us/000194622/dsa-2021-307-dell-emc-integrated-system-for-azure-stack-hci-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Container Storage Modules + product: Dell EMC Integrated System for Microsoft Azure Stack Hub cves: cve-2021-4104: investigated: false @@ -21605,10 +22379,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - '' fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -21621,12 +22395,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: Patch expected by 2022-01-31. references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Data Computing Appliance (DCA) + product: Dell EMC Isilon InsightIQ cves: cve-2021-4104: investigated: false @@ -21638,7 +22412,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21656,7 +22430,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Data Protection Advisor + product: Dell EMC License Manager cves: cve-2021-4104: investigated: false @@ -21668,7 +22442,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21686,7 +22460,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Data Protection Central + product: Dell EMC Metro Node cves: cve-2021-4104: investigated: false @@ -21694,8 +22468,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - Versions before 7.0.1 P2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -21710,12 +22485,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021- 269 + notes: See DSA-2021-308 references: - - '' + - '[DSA-2021-308](https://www.dell.com/support/kbdoc/en-us/000194630/dsa-2021)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Data Protection Search + product: Dell EMC NetWorker cves: cve-2021-4104: investigated: false @@ -21725,7 +22500,8 @@ software: cve-2021-44228: investigated: true affected_versions: - - Versions before 19.5.0.7 + - 19.4.x + - 19.5.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -21740,12 +22516,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-279 + notes: Patch expected by 12/20/21 references: - - '' + - '[DSA-2021-280](https://www.dell.com/support/kbdoc/en-us/000194541/dsa-2021-280-dell-emc-networker-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC DataIQ + product: Dell EMC NetWorker VE cves: cve-2021-4104: investigated: false @@ -21754,10 +22530,11 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - 19.4.x + - 19.5.x fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -21770,12 +22547,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: Patch expected by 12/20/21 references: - - '' + - '[DSA-2021-280](https://www.dell.com/support/kbdoc/en-us/000194541/dsa-2021-280-dell-emc-networker-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Disk Library for Mainframe + product: Dell EMC Networking Onie cves: cve-2021-4104: investigated: false @@ -21787,7 +22564,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21805,7 +22582,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC ECS + product: Dell EMC Networking Virtual Edge Platform with VersaOS cves: cve-2021-4104: investigated: false @@ -21813,10 +22590,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21829,12 +22607,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/18/21 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Enterprise Storage Analytics for vRealize Operations + product: Dell EMC OpenManage Ansible Modules cves: cve-2021-4104: investigated: false @@ -21843,10 +22621,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - '"<6.0.0 6.1.0 6.2.x"' + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21859,12 +22637,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-278 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC GeoDrive + product: Dell EMC OpenManage Enterprise Services cves: cve-2021-4104: investigated: false @@ -21873,10 +22651,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - Version 1.2 and earlier fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -21889,12 +22667,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: Patch expected by 12/20/21 references: - - '' + - '[DSA-2021-276](https://www.dell.com/support/kbdoc/en-us/000194652/dsa-2021-276-dell-emc-openmanage-enterprise-services-security-update-for-apache-log4j-remote-code-execution-vulnerabilities-cve-2021-44228-cve-2021-45046)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Integrated System for Azure Stack HCI + product: Dell EMC OpenManage integration for Splunk cves: cve-2021-4104: investigated: false @@ -21903,10 +22681,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - N/A + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21919,16 +22697,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '"Dell EMC Integrated System for Azure Stack HCI is not impacted by this - advisory. If Dell EMC SupportAssist Enterprise (SAE) or Dell EMC Secure Connect - Gateway (SCG) were optionally installed with Dell EMC Integrated System for - Azure Stack HCI monitor the following advisories. Apply workaround guidance - and remediations as they become [available:](https://www.dell.com/support/kbdoc/en-us/000194622/dsa-2021-307-dell-emc-integrated-system-for-azure-stack-hci-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Integrated System for Microsoft Azure Stack Hub + product: Dell EMC OpenManage Integration for VMware vCenter cves: cve-2021-4104: investigated: false @@ -21937,10 +22711,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - N/A + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21953,12 +22727,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Isilon InsightIQ + product: Dell EMC OpenManage Management pack for vRealize Operations cves: cve-2021-4104: investigated: false @@ -21970,7 +22744,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -21988,7 +22762,8 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC License Manager + product: Dell EMC OpenManage Operations Connector for Micro Focus Operations Bridge + Manager cves: cve-2021-4104: investigated: false @@ -22000,7 +22775,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -22018,7 +22793,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Metro Node + product: Dell EMC PowerFlex Appliance cves: cve-2021-4104: investigated: false @@ -22028,7 +22803,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 7.0.x + - '' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -22043,12 +22818,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-308 + notes: See DSA-2021-293. references: - - '' + - '[DSA-2021-293](https://www.dell.com/support/kbdoc/en-us/000194579/dsa-2021-293-dell-powerflex-appliance-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC NetWorker Server + product: Dell EMC PowerFlex Rack cves: cve-2021-4104: investigated: false @@ -22058,7 +22833,10 @@ software: cve-2021-44228: investigated: true affected_versions: - - '"19.5.x 19.4.x 19.3.x"' + - RCM 3.3 train - all versions up to 3.3.11.0 + - RCM 3.4 train - all versions up to 3.4.6.0 + - RCM 3.5 train - all versions up to 3.5.6.0 + - RCM 3.6 train - all versions up to 3.6.2.0 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -22073,12 +22851,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/20/21 + notes: See DSA-2021-292. references: - - '' + - '[DSA-2021-292](https://www.dell.com/support/kbdoc/en-us/000194578/dsa-2021-292-dell-powerflex-rack-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC NetWorker Virtual Edition + product: Dell EMC PowerFlex Software (SDS) cves: cve-2021-4104: investigated: false @@ -22088,7 +22866,15 @@ software: cve-2021-44228: investigated: true affected_versions: - - '"19.5.x 19.4.x 19.3.x"' + - '3.5' + - 3.5.1 + - 3.5.1.1 + - 3.5.1.2 + - 3.5.1.3 + - 3.5.1.4 + - '3.6' + - 3.6.0.1 + - 3.6.0.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -22103,12 +22889,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/20/21 + notes: See DSA-2021-272. references: - - '' + - '[DSA-2021-272](https://www.dell.com/support/kbdoc/en-us/000194548/dsa-2021-272-dell-powerflex-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Networking Onie + product: Dell EMC PowerPath cves: cve-2021-4104: investigated: false @@ -22120,7 +22906,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -22138,7 +22924,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Networking Virtual Edge Platform with VersaOS + product: Dell EMC PowerPath Management Appliance cves: cve-2021-4104: investigated: false @@ -22147,10 +22933,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - '"with Versa Concerto with Versa Analytics with Versa Concero Director"' + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -22163,12 +22949,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-304 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC OpenManage Ansible Modules + product: Dell EMC PowerProtect Cyber Recovery cves: cve-2021-4104: investigated: false @@ -22180,7 +22966,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -22198,7 +22984,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC OpenManage integration for Splunk + product: Dell EMC PowerProtect Data Manager cves: cve-2021-4104: investigated: false @@ -22207,10 +22993,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - All versions 19.9 and earlier fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -22223,12 +23009,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: See DSA-2021-286. references: - - '' + - '[DSA-2021-286](https://www.dell.com/support/kbdoc/en-us/000194549/dsa-2021-286-dell-emc-power-protect-data-manager-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC OpenManage Integration for VMware vCenter + product: Dell EMC PowerProtect DP Series Appliance (iDPA) cves: cve-2021-4104: investigated: false @@ -22237,10 +23023,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - 2.7.0 and earlier fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -22253,12 +23039,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: See DSA 2021-285. references: - - '' + - '[DSA-2021-285](https://www.dell.com/support/kbdoc/en-us/000194532/dsa-2021-285-dell-emc-integrated-data-protection-appliance-powerprotect-dp-series-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC OpenManage Management pack for vRealize Operations + product: Dell EMC PowerScale OneFS cves: cve-2021-4104: investigated: false @@ -22270,7 +23056,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -22288,8 +23074,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC OpenManage Operations Connector for Micro Focus Operations Bridge - Manager + product: Dell EMC PowerShell for PowerMax cves: cve-2021-4104: investigated: false @@ -22301,7 +23086,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -22319,7 +23104,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC PowerFlex Appliance + product: Dell EMC PowerShell for Powerstore cves: cve-2021-4104: investigated: false @@ -22328,11 +23113,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - '"All versions up to Intelligent Catalog 38_356_00_r10.zip All versions - up to Intelligent Catalog 38_362_00_r7.zip"' + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -22345,12 +23129,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC PowerFlex Rack + product: Dell EMC PowerShell for Unity cves: cve-2021-4104: investigated: false @@ -22359,10 +23143,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - N/A + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -22375,12 +23159,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC PowerFlex Software (SDS) + product: Dell EMC PowerStore cves: cve-2021-4104: investigated: false @@ -22390,7 +23174,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - '"3.5 3.5.1 3.5.1.1 3.5.1.2 3.5.1.3 3.5.1.4 3.6 3.6.0.1 3.6.0.2"' + - Versions before 2.0.1.3-1538564 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -22405,12 +23189,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending + notes: See DSA-2021-295. references: - - '' + - '[DSA-2021-295](https://www.dell.com/support/kbdoc/en-us/000194739/dsa-2021-295-dell-emc-powerstore-family-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-and-cve-2021-45046)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC PowerPath + product: Dell EMC PowerSwitch Z9264F-ON BMC cves: cve-2021-4104: investigated: false @@ -22422,7 +23206,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -22440,7 +23224,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC PowerPath Management Appliance + product: Dell EMC PowerSwitch Z9432F-ON BMC cves: cve-2021-4104: investigated: false @@ -22452,7 +23236,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -22470,7 +23254,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC PowerProtect Cyber Recovery + product: Dell EMC PowerVault ME4 Series Storage Arrays cves: cve-2021-4104: investigated: false @@ -22482,7 +23266,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -22500,7 +23284,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC PowerProtect Data Manager + product: Dell EMC RecoverPoint cves: cve-2021-4104: investigated: false @@ -22510,7 +23294,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - All versions 19.9 and earlier + - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -22525,12 +23309,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending + notes: See DSA 2021-284. references: - - '' + - '[DSA 2021-284](https://www.dell.com/support/kbdoc/en-us/000194531/dsa-2021-284-dell-emc-recoverpoint-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC PowerProtect DP Series Appliance (iDPA) + product: Dell EMC Repository Manager (DRM) cves: cve-2021-4104: investigated: false @@ -22539,10 +23323,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - 2.7.0 and earlier + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -22555,12 +23339,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC PowerScale OneFS + product: Dell EMC Ruckus SmartZone 100 Controller cves: cve-2021-4104: investigated: false @@ -22570,9 +23354,9 @@ software: cve-2021-44228: investigated: true affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A + fixed_versions: + - '' + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -22585,12 +23369,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: See DSA-2021-303 references: - - '' + - '[DSA-2021-303](https://www.dell.com/support/kbdoc/en-us/000194616/dsa-2021-303-dell-emc-ruckus-wireless-controller-and-virtual-software-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC PowerShell for PowerMax + product: Dell EMC Ruckus SmartZone 300 Controller cves: cve-2021-4104: investigated: false @@ -22600,9 +23384,9 @@ software: cve-2021-44228: investigated: true affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A + fixed_versions: + - '' + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -22615,12 +23399,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: See DSA-2021-303 references: - - '' + - '[DSA-2021-303](https://www.dell.com/support/kbdoc/en-us/000194616/dsa-2021-303-dell-emc-ruckus-wireless-controller-and-virtual-software-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC PowerShell for Powerstore + product: Dell EMC Ruckus Virtual Software cves: cve-2021-4104: investigated: false @@ -22630,9 +23414,9 @@ software: cve-2021-44228: investigated: true affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A + fixed_versions: + - '' + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -22645,12 +23429,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: See DSA-2021-303 references: - - '' + - '[DSA-2021-303](https://www.dell.com/support/kbdoc/en-us/000194616/dsa-2021-303-dell-emc-ruckus-wireless-controller-and-virtual-software-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC PowerShell for Unity + product: Dell EMC SourceOne cves: cve-2021-4104: investigated: false @@ -22662,7 +23446,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -22680,7 +23464,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC PowerStore + product: Dell EMC SRM cves: cve-2021-4104: investigated: false @@ -22688,9 +23472,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] - fixed_versions: [] + fixed_versions: + - Versions before 4.6.0.2 unaffected_versions: [] cve-2021-45046: investigated: false @@ -22704,12 +23489,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/23/21 + notes: See DSA-2021-301. references: - - '' + - '[DSA-2021-301](https://www.dell.com/support/kbdoc/en-us/000194613/dsa-2021-301)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC PowerVault MD3 Series Storage Arrays + product: Dell EMC Streaming Data Platform cves: cve-2021-4104: investigated: false @@ -22718,10 +23503,14 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - '1.1' + - '1.2' + - 1.2 HF1 + - '1.3' + - 1.3.1 fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -22734,12 +23523,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: See DSA-2021-297. references: - - '' + - '[DSA-2021-297](https://www.dell.com/support/kbdoc/en-us/000194627/dsa-2021-297-dell-emc-streaming-data-platform-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC PowerVault ME4 Series Storage Arrays + product: Dell EMC Systems Update (DSU) cves: cve-2021-4104: investigated: false @@ -22751,7 +23540,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -22769,7 +23558,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC RecoverPoint Classic + product: Dell EMC Unisphere 360 cves: cve-2021-4104: investigated: false @@ -22778,10 +23567,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - All 5.1.x and later versions + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -22794,12 +23583,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC RecoverPoint for Virtual Machine + product: Dell EMC Unity cves: cve-2021-4104: investigated: false @@ -22808,9 +23597,9 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - All 5.0.x and later versions - fixed_versions: [] + affected_versions: [] + fixed_versions: + - '' unaffected_versions: [] cve-2021-45046: investigated: false @@ -22824,12 +23613,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending + notes: See DSA-2021-294. references: - - '' + - '[DSA-2021-294](https://www.dell.com/support/kbdoc/en-us/000194826/dsa-2021-294-dell-emc-unity-dell-emc-unityvsa-and-dell-emc-unity-xt-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046-and-cve-2021-45105)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Repository Manager (DRM) + product: Dell EMC Virtual Storage Integrator cves: cve-2021-4104: investigated: false @@ -22841,7 +23630,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -22859,7 +23648,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Ruckus SmartZone 100 Controller + product: Dell EMC VPLEX cves: cve-2021-4104: investigated: false @@ -22867,10 +23656,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -22883,12 +23673,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-303 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Ruckus SmartZone 300 Controller + product: Dell EMC vProtect cves: cve-2021-4104: investigated: false @@ -22896,8 +23686,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - 19.5-19.9 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -22912,12 +23703,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-303 + notes: See DSA-2022-007. references: - - '' + - '[DSA-2022-007](https://www.dell.com/support/kbdoc/en-us/000195003/title-dsa-2022-007-dell-emc-vprotect-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Ruckus Virtual Software + product: Dell EMC VxRail cves: cve-2021-4104: investigated: false @@ -22925,8 +23716,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - 4.5.x + - 4.7.x + - 7.0.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -22941,12 +23735,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-303 + notes: See DSA-2021-265. references: - - '' + - '[DSA-2021-265](https://www.dell.com/support/kbdoc/en-us/000194466/dsa-2021-265-dell-emc-vxrail-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC SourceOne + product: Dell EMC XC cves: cve-2021-4104: investigated: false @@ -22955,10 +23749,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - '' fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -22971,12 +23765,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: See DSA-2021-311. references: - - '' + - '[DSA-2021-311](https://www.dell.com/support/kbdoc/en-us/000194822/dsa-2021-311-dell-emc-xc-series-and-core-appliance-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046-and-cve-2021-45105)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC SRM vApp + product: Dell EMC XtremIO cves: cve-2021-4104: investigated: false @@ -22985,10 +23779,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - Versions before 4.6.0.2 + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23001,12 +23795,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 1/25/2022 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Streaming Data Platform + product: Dell Encryption Enterprise* cves: cve-2021-4104: investigated: false @@ -23014,10 +23808,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23030,12 +23825,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/18/21 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Systems Update (DSU) + product: Dell Encryption Personal* cves: cve-2021-4104: investigated: false @@ -23047,7 +23842,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23065,7 +23860,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Unisphere 360 + product: Dell Endpoint Security Suite Enterprise* cves: cve-2021-4104: investigated: false @@ -23077,7 +23872,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23095,7 +23890,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Unity + product: Dell Hybrid Client cves: cve-2021-4104: investigated: false @@ -23103,10 +23898,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23119,12 +23915,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/29/21 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC Virtual Storage Integrator + product: Dell ImageAssist cves: cve-2021-4104: investigated: false @@ -23136,7 +23932,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23154,7 +23950,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC VPLEX + product: Dell Insights Client cves: cve-2021-4104: investigated: false @@ -23166,7 +23962,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23184,7 +23980,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC VxRail + product: Dell Linux Assistant cves: cve-2021-4104: investigated: false @@ -23193,10 +23989,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - '"4.5.x 4.7.x 7.0.x"' + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23209,12 +24005,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC XtremIO + product: Dell Memory Solutions cves: cve-2021-4104: investigated: false @@ -23226,7 +24022,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23244,7 +24040,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Encryption Enterprise* + product: Dell Mobile Connect cves: cve-2021-4104: investigated: false @@ -23256,7 +24052,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23274,7 +24070,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Encryption Personal* + product: Dell Monitor ISP (Windows/Mac/Linux) cves: cve-2021-4104: investigated: false @@ -23286,7 +24082,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23304,7 +24100,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Endpoint Security Suite Enterprise* + product: Dell Monitor SDK cves: cve-2021-4104: investigated: false @@ -23316,7 +24112,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23334,7 +24130,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Hybrid Client + product: Dell Networking X-Series cves: cve-2021-4104: investigated: false @@ -23346,7 +24142,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23364,7 +24160,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell ImageAssist + product: Dell OpenManage Change Management cves: cve-2021-4104: investigated: false @@ -23376,7 +24172,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23394,7 +24190,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Insights Client + product: Dell OpenManage Enterprise cves: cve-2021-4104: investigated: false @@ -23403,10 +24199,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - Versions before 3.8.2 fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -23419,12 +24215,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: See DSA-2021-275 references: - - '' + - '[DSA-2021-275](https://www.dell.com/support/kbdoc/en-us/000194638/dsa-2021-275-dell-emc-openmanage-enterprise-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Linux Assistant + product: Dell OpenManage Enterprise CloudIQ plugin cves: cve-2021-4104: investigated: false @@ -23436,7 +24232,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23454,7 +24250,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Mobile Connect + product: Dell OpenManage Enterprise Modular cves: cve-2021-4104: investigated: false @@ -23463,10 +24259,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - Versions before 1.40.10 fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -23479,12 +24275,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: See DSA-2021-268 references: - - '' + - '[DSA-2021-268](https://www.dell.com/support/kbdoc/en-us/000194625/dsa-2021-268-dell-emc-openmanage-enterprise-modular-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Monitor ISP (Windows/Mac/Linux) + product: Dell OpenManage Enterprise Power Manager plugin cves: cve-2021-4104: investigated: false @@ -23496,7 +24292,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23514,7 +24310,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Monitor SDK + product: Dell OpenManage Mobile cves: cve-2021-4104: investigated: false @@ -23526,7 +24322,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23544,7 +24340,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Networking X-Series + product: Dell OpenManage Server Administrator cves: cve-2021-4104: investigated: false @@ -23556,7 +24352,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23574,7 +24370,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Open Manage Mobile + product: Dell Optimizer cves: cve-2021-4104: investigated: false @@ -23586,7 +24382,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23604,7 +24400,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Open Manage Server Administrator + product: Dell OS Recovery Tool cves: cve-2021-4104: investigated: false @@ -23616,7 +24412,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23634,7 +24430,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Open Management Enterprise - Modular + product: Dell Peripheral Manager 1.4 / 1.5 for Windows cves: cve-2021-4104: investigated: false @@ -23643,10 +24439,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - <1.40.10 + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23659,12 +24455,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-268 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell OpenManage Change Management + product: Dell Platform Service cves: cve-2021-4104: investigated: false @@ -23676,7 +24472,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23694,7 +24490,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell OpenManage Enterprise Power Manager Plugin + product: Dell Power Manager cves: cve-2021-4104: investigated: false @@ -23706,7 +24502,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23724,7 +24520,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Optimizer + product: Dell Power Manager Lite cves: cve-2021-4104: investigated: false @@ -23736,7 +24532,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23754,7 +24550,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell OS Recovery Tool + product: Dell Precision Optimizer cves: cve-2021-4104: investigated: false @@ -23766,7 +24562,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23784,7 +24580,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Peripheral Manager 1.4 / 1.5 for Windows + product: Dell Precision Optimizer for Linux cves: cve-2021-4104: investigated: false @@ -23796,7 +24592,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23814,7 +24610,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Platform Service + product: Dell Premier Color cves: cve-2021-4104: investigated: false @@ -23826,7 +24622,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23844,7 +24640,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Power Manager + product: Dell Recovery (Linux) cves: cve-2021-4104: investigated: false @@ -23856,7 +24652,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23874,7 +24670,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Power Manager Lite + product: Dell Remediation Platform cves: cve-2021-4104: investigated: false @@ -23886,7 +24682,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23904,7 +24700,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Precision Optimizer + product: Dell Remote Execution Engine (DRONE) cves: cve-2021-4104: investigated: false @@ -23916,7 +24712,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23934,7 +24730,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Precision Optimizer for Linux + product: Dell Security Advisory Update - DSA-2021-088 cves: cve-2021-4104: investigated: false @@ -23946,7 +24742,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23964,7 +24760,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Premier Color + product: Dell Security Management Server & Dell Security Management Server Virtual* cves: cve-2021-4104: investigated: false @@ -23976,7 +24772,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -23994,7 +24790,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Recovery (Linux) + product: Dell SupportAssist SOS cves: cve-2021-4104: investigated: false @@ -24006,7 +24802,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24024,7 +24820,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Remediation Platform + product: Dell Thin OS cves: cve-2021-4104: investigated: false @@ -24036,7 +24832,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24054,7 +24850,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Remote Execution Engine (DRONE) + product: Dell Threat Defense cves: cve-2021-4104: investigated: false @@ -24066,7 +24862,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24084,7 +24880,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Security Advisory Update - DSA-2021-088 + product: Dell True Color cves: cve-2021-4104: investigated: false @@ -24096,7 +24892,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24114,7 +24910,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Security Management Server & Dell Security Management Server Virtual* + product: Dell Trusted Device cves: cve-2021-4104: investigated: false @@ -24126,7 +24922,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24144,7 +24940,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell SupportAssist SOS + product: Dell Update cves: cve-2021-4104: investigated: false @@ -24156,7 +24952,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24174,7 +24970,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Thin OS + product: Dream Catcher cves: cve-2021-4104: investigated: false @@ -24186,7 +24982,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24204,7 +25000,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Threat Defense + product: DUP Creation Service cves: cve-2021-4104: investigated: false @@ -24216,7 +25012,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24234,7 +25030,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell True Color + product: DUP Framework (ISG) cves: cve-2021-4104: investigated: false @@ -24246,7 +25042,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24264,7 +25060,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Trusted Device + product: ECS cves: cve-2021-4104: investigated: false @@ -24274,9 +25070,14 @@ software: cve-2021-44228: investigated: true affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A + fixed_versions: + - 3.3.x + - 3.4.x + - 3.5.x + - 3.6.0.x + - 3.6.1.x + - 3.6.2.0 + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -24289,12 +25090,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: See DSA-2021-273. references: - - '' + - '[DSA-2021-273](https://www.dell.com/support/kbdoc/en-us/000194612/dsa-2021-273-dell-emc-ecs-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell Update + product: Embedded NAS cves: cve-2021-4104: investigated: false @@ -24306,7 +25107,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24324,7 +25125,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: DellEMC OpenManage Enterprise Services + product: Embedded Service Enabler cves: cve-2021-4104: investigated: false @@ -24332,10 +25133,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24348,12 +25150,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/20/21 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dream Catcher + product: Enterprise Hybrid Cloud cves: cve-2021-4104: investigated: false @@ -24365,7 +25167,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24378,12 +25180,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: See DSA-2021-270. references: - - '' + - '[DSA-2021-270](https://www.dell.com/support/kbdoc/en-us/000194490/dsa-2021-270-enterprise-hybrid-cloud-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: DUP Creation Service + product: Equallogic PS cves: cve-2021-4104: investigated: false @@ -24395,7 +25197,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24413,7 +25215,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: DUP Framework (ISG) + product: Fluid FS cves: cve-2021-4104: investigated: false @@ -24425,7 +25227,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24443,7 +25245,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Embedded NAS + product: iDRAC Service Module (iSM) cves: cve-2021-4104: investigated: false @@ -24455,7 +25257,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24473,7 +25275,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Embedded Service Enabler + product: Infinity MLK (firmware) cves: cve-2021-4104: investigated: false @@ -24485,7 +25287,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24503,7 +25305,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Enterprise Hybrid Cloud + product: Integrated Dell Remote Access Controller (iDRAC) cves: cve-2021-4104: investigated: false @@ -24511,10 +25313,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24527,12 +25330,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '[link](https://www.dell.com/support/kbdoc/en-us/000194490/dsa-2021-270-enterprise-hybrid-cloud-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Equallogic PS + product: ISG Accelerators cves: cve-2021-4104: investigated: false @@ -24544,7 +25347,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24562,7 +25365,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Fluid FS + product: ISG Board & Electrical cves: cve-2021-4104: investigated: false @@ -24574,7 +25377,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24592,7 +25395,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: iDRAC Service Module (iSM) + product: ISG Drive & Storage Media cves: cve-2021-4104: investigated: false @@ -24604,7 +25407,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24622,7 +25425,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Infinity MLK (firmware) + product: IsilonSD Management Server cves: cve-2021-4104: investigated: false @@ -24634,7 +25437,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24652,7 +25455,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Integrated Dell Remote Access Controller (iDRAC) + product: IVE-WinDiag cves: cve-2021-4104: investigated: false @@ -24664,7 +25467,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24682,7 +25485,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: ISG Accelerators + product: Mainframe Enablers cves: cve-2021-4104: investigated: false @@ -24694,7 +25497,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24712,7 +25515,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: ISG Board & Electrical + product: MDS cves: cve-2021-4104: investigated: false @@ -24724,7 +25527,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24742,7 +25545,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: IsilonSD Management Server + product: My Dell cves: cve-2021-4104: investigated: false @@ -24754,7 +25557,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24772,7 +25575,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: IVE-WinDiag + product: MyDell Mobile cves: cve-2021-4104: investigated: false @@ -24784,7 +25587,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24802,7 +25605,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Mainframe Enablers + product: NetWorker Management Console cves: cve-2021-4104: investigated: false @@ -24814,7 +25617,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24832,7 +25635,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: My Dell + product: Networking BIOS cves: cve-2021-4104: investigated: false @@ -24844,7 +25647,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24862,7 +25665,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: MyDell Mobile + product: Networking DIAG cves: cve-2021-4104: investigated: false @@ -24874,7 +25677,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24892,7 +25695,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: NetWorker Management Console + product: Networking N-Series cves: cve-2021-4104: investigated: false @@ -24904,7 +25707,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24922,7 +25725,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Networking BIOS + product: Networking OS 10 cves: cve-2021-4104: investigated: false @@ -24934,7 +25737,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24952,7 +25755,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Networking DIAG + product: Networking OS 9 cves: cve-2021-4104: investigated: false @@ -24964,7 +25767,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -24982,7 +25785,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Networking N-Series + product: Networking SD-WAN Edge SD-WAN cves: cve-2021-4104: investigated: false @@ -24994,7 +25797,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25012,7 +25815,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Networking OS 10 + product: Networking W-Series cves: cve-2021-4104: investigated: false @@ -25024,7 +25827,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25042,7 +25845,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Networking OS9 + product: Networking X-Series cves: cve-2021-4104: investigated: false @@ -25054,7 +25857,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25072,7 +25875,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Networking SD-WAN Edge SD-WAN + product: OMIMSSC (OpenManage Integration for Microsoft System Center) cves: cve-2021-4104: investigated: false @@ -25084,7 +25887,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25102,7 +25905,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Networking W-Series + product: OMNIA cves: cve-2021-4104: investigated: false @@ -25114,7 +25917,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25132,7 +25935,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Networking X-Series + product: OpenManage Connections - Nagios cves: cve-2021-4104: investigated: false @@ -25144,7 +25947,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25162,7 +25965,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: OMIMSSC (OpenManage Integration for Microsoft System Center) + product: OpenManage Connections - ServiceNow cves: cve-2021-4104: investigated: false @@ -25174,7 +25977,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25192,7 +25995,8 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: OMNIA + product: OpenManage Integration for Microsoft System Center for System Center + Operations Manager cves: cve-2021-4104: investigated: false @@ -25204,7 +26008,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25222,7 +26026,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: OpenManage Connections - Nagios + product: OpenManage Integration with Microsoft Windows Admin Center cves: cve-2021-4104: investigated: false @@ -25234,7 +26038,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25252,7 +26056,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: OpenManage Connections - ServiceNow + product: OpenManage Network Integration cves: cve-2021-4104: investigated: false @@ -25264,7 +26068,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25282,7 +26086,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: OpenManage Enterprise + product: OpenManage Power Center cves: cve-2021-4104: investigated: false @@ -25290,10 +26094,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25306,13 +26111,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/19/21 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: OpenManage Integration for Microsoft System Center for System Center - Operations Manager + product: PowerConnect N3200 cves: cve-2021-4104: investigated: false @@ -25324,7 +26128,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25342,7 +26146,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: OpenManage Integration with Microsoft Windows Admin Center + product: PowerConnect PC2800 cves: cve-2021-4104: investigated: false @@ -25354,7 +26158,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25372,7 +26176,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: OpenManage Network Integration + product: PowerConnect PC8100 cves: cve-2021-4104: investigated: false @@ -25384,7 +26188,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25402,7 +26206,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: PowerConnect N3200 + product: PowerEdge Accelerator Solutions cves: cve-2021-4104: investigated: false @@ -25414,7 +26218,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25432,7 +26236,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: PowerConnect PC2800 + product: PowerEdge BIOS cves: cve-2021-4104: investigated: false @@ -25444,7 +26248,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25462,7 +26266,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: PowerConnect PC8100 + product: PowerEdge Networking Solutions cves: cve-2021-4104: investigated: false @@ -25474,7 +26278,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25492,7 +26296,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: PowerEdge BIOS + product: PowerEdge Operating Systems cves: cve-2021-4104: investigated: false @@ -25504,7 +26308,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25522,7 +26326,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: PowerEdge Operating Systems + product: PowerEdge RAID Controller Solutions cves: cve-2021-4104: investigated: false @@ -25534,7 +26338,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25564,7 +26368,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25594,7 +26398,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25624,7 +26428,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25654,7 +26458,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25684,7 +26488,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25714,7 +26518,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25744,7 +26548,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25774,7 +26578,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25804,7 +26608,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25849,10 +26653,10 @@ software: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-282 references: - - '' + - '[]' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Secure Connect Gateway (SCG) Policy Manager + product: Secure Connect Gateway (SCG) Appliance cves: cve-2021-4104: investigated: false @@ -25861,10 +26665,41 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - '"5.00.00.10 5.00.05.10"' + affected_versions: [] + fixed_versions: + - 5.00.00, 5.00.05, and 4.0.06 and earlier versions (OVF and VHD) + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-282 + references: + - '[DSA-2021-282](https://www.dell.com/support/kbdoc/en-us/000194624/dsa-2021-282-dell-emc-secure-connect-gateway-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Secure Connect Gateway (SCG) Policy Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 5.00.00.10 + - 5.00.05.10 + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -25879,7 +26714,7 @@ software: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-281 references: - - '' + - '[DSA-2021-281](https://www.dell.com/support/kbdoc/en-us/000194539/dsa-2021-281-dell-emc-policy-manager-for-secure-connect-gateway-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Server Storage @@ -25894,7 +26729,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25924,7 +26759,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25954,7 +26789,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -25984,7 +26819,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26014,7 +26849,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26044,7 +26879,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26074,7 +26909,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26104,7 +26939,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26131,9 +26966,9 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - '7' - fixed_versions: [] + affected_versions: [] + fixed_versions: + - '7.0' unaffected_versions: [] cve-2021-45046: investigated: false @@ -26147,9 +26982,9 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending + notes: See DSA-2021-287. references: - - '' + - '[DSA-2021-287](https://www.dell.com/support/kbdoc/en-us/000194544/dsa-2021-287-dell-emc-srs-policy-manager-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell product: SRS VE @@ -26164,7 +26999,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26190,8 +27025,13 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - 16.x + - 17.x + - 18.x + - 19.x + - 20.1.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -26206,9 +27046,9 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending + notes: See DSA-2021-310. references: - - '' + - '[DSA-2021-310](https://www.dell.com/support/kbdoc/en-us/000194790/dsa-2021-310-storage-center-dell-storage-manager-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046)' last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Storage Center OS and additional SC applications unless otherwise noted @@ -26223,7 +27063,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26253,7 +27093,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26283,7 +27123,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26309,8 +27149,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - 2.0.70 and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -26325,9 +27166,9 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/23/21 + notes: See DSA-2021-283. references: - - '' + - '[DSA-2021-283](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability)' last_updated: '2021-12-15T00:00:00' - vendor: Dell product: UCC Edge @@ -26342,7 +27183,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26368,9 +27209,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] - fixed_versions: [] + fixed_versions: + - Versions before 4.0 SP 9.2 (4.0.9.1541235) unaffected_versions: [] cve-2021-45046: investigated: false @@ -26384,9 +27226,9 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 1/10/2022 + notes: See DSA-2021-296. references: - - '' + - '[DSA-2021-296](https://www.dell.com/support/kbdoc/en-us/000194874/dsa-2021-296-dell-emc-unisphere-central-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046-and-cve-2021-45105)' last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Unisphere for PowerMax @@ -26401,7 +27243,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26431,7 +27273,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26461,7 +27303,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26491,7 +27333,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26521,7 +27363,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26547,8 +27389,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - '' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -26563,9 +27406,10 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending See vce6771 (requires customer login) + notes: Patch pending See vce6771 (requires customer login). This advisory is available + to customer only and has not been reviewed by CISA. references: - - '' + - '[vce6771](https://support-dellemc-com.secure.force.com/)' last_updated: '2021-12-15T00:00:00' - vendor: Dell product: ViPR Controller @@ -26580,7 +27424,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26608,7 +27452,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - '"8.2 8.3 8.4 8.5 and 8.6"' + - 8.2 8.3 8.4 8.5 and 8.6 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -26638,7 +27482,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - '"8.2 8.3 8.4 8.5 and 8.6"' + - 8.2 8.3 8.4 8.5 and 8.6 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -26658,7 +27502,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: VNX1 + product: VNX Control Station cves: cve-2021-4104: investigated: false @@ -26670,7 +27514,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26688,7 +27532,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: VNX2 + product: VNX1 cves: cve-2021-4104: investigated: false @@ -26700,7 +27544,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26718,7 +27562,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: VNXe 1600 + product: VNX2 cves: cve-2021-4104: investigated: false @@ -26727,10 +27571,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - Versions 3.1.16.10220572 and earlier + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26743,12 +27587,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/19/21 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: VNXe 3200 + product: VNXe 1600 cves: cve-2021-4104: investigated: false @@ -26757,9 +27601,9 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - Version 3.1.15.10216415 and earlier - fixed_versions: [] + affected_versions: [] + fixed_versions: + - Versions 3.1.16.10220572 and earlier unaffected_versions: [] cve-2021-45046: investigated: false @@ -26773,12 +27617,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/19/21 + notes: See DSA-2021-299 references: - - '' + - '[DSA-2021-299](https://www.dell.com/support/kbdoc/en-us/000194605/dsa-2021-299-dell-emc-vnxe1600-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228?lang=en)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: VPLEX VS2/VS6 / VPLEX Witness + product: VNXe 3200 cves: cve-2021-4104: investigated: false @@ -26788,9 +27632,9 @@ software: cve-2021-44228: investigated: true affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A + fixed_versions: + - Version 3.1.15.10216415 and earlier + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -26803,12 +27647,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: See DSA-2021-298 references: - - '' + - '[DSA-2021-298](https://www.dell.com/support/kbdoc/en-us/000194606/dsa-2021-298-dell-emc-vnxe3200-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228?lang=en)' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: vRealize Data Protection Extension Data Management + product: VPLEX VS2/VS6 / VPLEX Witness cves: cve-2021-4104: investigated: false @@ -26816,10 +27660,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -26832,12 +27677,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/19/21 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: vRealize Data Protection Extension for vRealize Automation (vRA) 8.x + product: vRealize Data Protection Extension Data Management cves: cve-2021-4104: investigated: false @@ -26846,9 +27691,9 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - '"version 19.6 version 19.7 version 19.8 and version 19.9"' - fixed_versions: [] + affected_versions: [] + fixed_versions: + - '' unaffected_versions: [] cve-2021-45046: investigated: false @@ -26862,9 +27707,9 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/19/21 + notes: See DSA-2021-290. references: - - '' + - '[DSA-2021-290](https://www.dell.com/support/kbdoc/en-us/000194614/dsa-2021-290-dell-emc-vrealize-data-protection-extension-for-vrealize-automation-vra-8-x-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell product: vRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage @@ -26876,9 +27721,9 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - Various - fixed_versions: [] + affected_versions: [] + fixed_versions: + - '' unaffected_versions: [] cve-2021-45046: investigated: false @@ -26892,9 +27737,9 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-300 + notes: See DSA-2021-300. references: - - '' + - '[DSA-2021-300](https://www.dell.com/support/kbdoc/en-us/000194610/dsa-2021-300)' last_updated: '2021-12-15T00:00:00' - vendor: Dell product: vRO Plugin for Dell EMC PowerMax @@ -26906,9 +27751,9 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: + affected_versions: [] + fixed_versions: - Version 1.2.3 or earlier - fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false @@ -26936,9 +27781,9 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: + affected_versions: [] + fixed_versions: - Version 1.1.0 or earlier - fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false @@ -27059,7 +27904,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27085,7 +27930,7 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: [] @@ -27101,9 +27946,10 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '"Patch pending See vce6771 (requires customer login) "' + notes: Patch pending See vce6771 (requires customer login). This advisory is available + to customer only and has not been reviewed by CISA. references: - - '' + - '[vce6771](https://support-dellemc-com.secure.force.com/)' last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Warnado MLK (firmware) @@ -27118,7 +27964,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27145,9 +27991,9 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - <3.5 - fixed_versions: [] + affected_versions: [] + fixed_versions: + - < 3.5 unaffected_versions: [] cve-2021-45046: investigated: false @@ -27163,7 +28009,7 @@ software: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-267 references: - - '' + - '[DSA-2021-267](https://www.dell.com/support/kbdoc/en-us/000194459/dsa-2021-267-dell-wyse-management-suite-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Wyse Proprietary OS (ThinOS) @@ -27178,7 +28024,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27208,7 +28054,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - N/A + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27256,7 +28102,7 @@ software: - '' last_updated: '2021-12-22T00:00:00' - vendor: Denequa - product: '' + product: All cves: cve-2021-4104: investigated: false @@ -27285,7 +28131,7 @@ software: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Device42 - product: '' + product: All cves: cve-2021-4104: investigated: false @@ -27293,10 +28139,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27314,7 +28161,7 @@ software: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Devolutions - product: All products + product: All cves: cve-2021-4104: investigated: false @@ -27322,10 +28169,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27343,7 +28191,7 @@ software: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Diebold Nixdorf - product: '' + product: All cves: cve-2021-4104: investigated: false @@ -27380,10 +28228,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27409,10 +28258,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27438,10 +28288,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27467,10 +28318,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27496,10 +28348,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27525,10 +28378,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27554,10 +28408,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27583,10 +28438,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27612,10 +28468,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27641,10 +28498,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27670,10 +28528,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27699,10 +28558,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27728,10 +28588,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27757,10 +28618,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27786,10 +28648,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27815,10 +28678,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27844,10 +28708,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27873,10 +28738,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27902,10 +28768,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27931,10 +28798,41 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi EX routers + cves: + cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27952,7 +28850,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Digi International - product: Digi EX routers + product: Digi IX routers cves: cve-2021-4104: investigated: false @@ -27960,10 +28858,41 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi LR54 + cves: + cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -27981,7 +28910,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Digi International - product: Digi IX routers + product: Digi Navigator cves: cve-2021-4104: investigated: false @@ -27989,10 +28918,41 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi One family + cves: + cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28010,7 +28970,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Digi International - product: Digi LR54 + product: Digi Passport family cves: cve-2021-4104: investigated: false @@ -28018,10 +28978,41 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi PortServer TS family + cves: + cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28039,7 +29030,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Digi International - product: Digi Navigator + product: Digi Remote Manager cves: cve-2021-4104: investigated: false @@ -28047,10 +29038,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28068,7 +29060,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Digi International - product: Digi One family + product: Digi TX routers cves: cve-2021-4104: investigated: false @@ -28076,10 +29068,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28097,7 +29090,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Digi International - product: Digi Passport family + product: Digi WR11 cves: cve-2021-4104: investigated: false @@ -28105,10 +29098,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28126,7 +29120,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Digi International - product: Digi PortServer TS family + product: Digi WR21 cves: cve-2021-4104: investigated: false @@ -28134,10 +29128,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28155,7 +29150,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Digi International - product: Digi Remote Manager + product: Digi WR31 cves: cve-2021-4104: investigated: false @@ -28163,10 +29158,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28184,7 +29180,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Digi International - product: Digi TX routers + product: Digi WR44R/RR cves: cve-2021-4104: investigated: false @@ -28192,10 +29188,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28213,7 +29210,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Digi International - product: Digi WR11 + product: Digi WR54 cves: cve-2021-4104: investigated: false @@ -28221,10 +29218,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28242,7 +29240,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Digi International - product: Digi WR21 + product: Digi WR64 cves: cve-2021-4104: investigated: false @@ -28250,10 +29248,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28271,7 +29270,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Digi International - product: Digi WR31 + product: Digi Xbee mobile app cves: cve-2021-4104: investigated: false @@ -28279,10 +29278,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28300,7 +29300,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Digi International - product: Digi WR44R/RR + product: Lighthouse cves: cve-2021-4104: investigated: false @@ -28308,10 +29308,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28329,7 +29330,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Digi International - product: Digi WR54 + product: Realport cves: cve-2021-4104: investigated: false @@ -28337,10 +29338,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28358,7 +29360,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Digi International - product: Digi WR64 + product: Remote Hub Config Utility cves: cve-2021-4104: investigated: false @@ -28366,10 +29368,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28386,8 +29389,8 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Digi International - product: Digi Xbee mobile app + - vendor: Digicert + product: All cves: cve-2021-4104: investigated: false @@ -28410,13 +29413,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.digi.com/resources/security + - https://knowledge.digicert.com/alerts/digicert-log4j-response.html notes: '' references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Digi International - product: Lighthouse + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Digital AI + product: All cves: cve-2021-4104: investigated: false @@ -28439,13 +29442,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.digi.com/resources/security + - https://support.digital.ai/hc/en-us/articles/4412377686674-Log4J-Vulnerability-to-Zero-Day-Exploit-and-Digital-ai#overview-0-1 notes: '' references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Digi International - product: Realport + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Digital Alert Systems + product: All cves: cve-2021-4104: investigated: false @@ -28468,13 +29471,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.digi.com/resources/security - notes: '' + - https://www.digitalalertsystems.com/default-2.htm + notes: Formerly Monroe Electronics, Inc. references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Digi International - product: Remote Hub Config Utility + last_updated: '2022-01-05T00:00:00' + - vendor: DirectAdmin + product: All cves: cve-2021-4104: investigated: false @@ -28482,10 +29485,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28497,13 +29501,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.digi.com/resources/security - notes: '' + - https://forum.directadmin.com/threads/new-zero-day-exploit-for-log4j-java-library-is-an-enterprise-nightmare.65173/#post-339723 + notes: Invidivual plugins not developed as part of DirectAdmin core may be vulnerable. references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Digicert - product: '' + last_updated: '2022-01-05T00:00:00' + - vendor: DNSFilter + product: All cves: cve-2021-4104: investigated: false @@ -28526,13 +29530,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://knowledge.digicert.com/alerts/digicert-log4j-response.html + - https://www.dnsfilter.com/blog/dnsfilter-response-to-log4j-vulnerability notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Digital AI - product: '' + - vendor: Docker + product: Infrastructure cves: cve-2021-4104: investigated: false @@ -28540,10 +29544,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28555,12 +29560,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://support.digital.ai/hc/en-us/articles/4412377686674-Log4J-Vulnerability-to-Zero-Day-Exploit-and-Digital-ai#overview-0-1 - notes: '' + - https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/ + notes: Docker infrastructure not vulnerable, Docker images could be vulnerable. + For more info see source. references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Digital Alert Systems + - vendor: Docusign product: All cves: cve-2021-4104: @@ -28584,13 +29590,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.digitalalertsystems.com/default-2.htm - notes: Formerly Monroe Electronics, Inc. + - https://www.docusign.com/trust/alerts/alert-docusign-statement-on-the-log4j2-vulnerability + notes: '' references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: DNSFilter - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: DotCMS + product: Hybrid Content Management System cves: cve-2021-4104: investigated: false @@ -28598,9 +29604,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] - fixed_versions: [] + fixed_versions: + - '' unaffected_versions: [] cve-2021-45046: investigated: false @@ -28613,13 +29620,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.dnsfilter.com/blog/dnsfilter-response-to-log4j-vulnerability + - https://github.com/dotCMS/core/issues/21393 notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Docker - product: '' + - vendor: DrayTek + product: All cves: cve-2021-4104: investigated: false @@ -28627,10 +29634,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28642,13 +29650,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/ + - https://www.draytek.com/about/security-advisory/log4shell-vulnerability-(cve-2021-44228)/ notes: '' references: - '' - last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Docusign - product: '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dropwizard + product: All cves: cve-2021-4104: investigated: false @@ -28656,10 +29664,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28671,14 +29680,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.docusign.com/trust/alerts/alert-docusign-statement-on-the-log4j2-vulnerability - notes: '' + - https://twitter.com/dropwizardio/status/1469285337524580359 + notes: Only vulnerable if you manually added Log4j. references: - '' - last_updated: '2022-01-12T07:18:50+00:00' - - vendor: DrayTek - product: Vigor Routers, Access Points, Switches, VigorACS Central Management Software, - MyVigor Platform + last_updated: '2021-12-15T00:00:00' + - vendor: Dräger + product: All cves: cve-2021-4104: investigated: false @@ -28686,10 +29694,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28701,13 +29710,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.draytek.com/about/security-advisory/log4shell-vulnerability-(cve-2021-44228)/ + - https://static.draeger.com/security notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: DSpace - product: '' + product: All cves: cve-2021-4104: investigated: false @@ -28744,9 +29753,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] - fixed_versions: [] + fixed_versions: + - '' unaffected_versions: [] cve-2021-45046: investigated: false @@ -28765,7 +29775,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Dynatrace - product: Dynatrace Extensions + product: Cloud Services cves: cve-2021-4104: investigated: false @@ -28773,10 +29783,41 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ + notes: Please see Dynatrace Communication for details + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Dynatrace + product: Extensions + cves: + cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '' + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -28802,9 +29843,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] - fixed_versions: [] + fixed_versions: + - '' unaffected_versions: [] cve-2021-45046: investigated: false @@ -28831,10 +29873,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28860,10 +29903,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -28889,9 +29933,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] - fixed_versions: [] + fixed_versions: + - '' unaffected_versions: [] cve-2021-45046: investigated: false @@ -28918,9 +29963,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] - fixed_versions: [] + fixed_versions: + - '' unaffected_versions: [] cve-2021-45046: investigated: false @@ -28947,9 +29993,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] - fixed_versions: [] + fixed_versions: + - '' unaffected_versions: [] cve-2021-45046: investigated: false diff --git a/data/cisagov_D.yml b/data/cisagov_D.yml index 3bfc34b..3bd65f6 100644 --- a/data/cisagov_D.yml +++ b/data/cisagov_D.yml @@ -74,7 +74,7 @@ software: cve-2021-44228: investigated: false affected_versions: - - 'DWP-1000' + - DWP-1000 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -166,7 +166,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'P10' + - P10 cve-2021-45046: investigated: false affected_versions: [] @@ -196,13 +196,13 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'AMP-R200' - - 'AMP-R400' - - 'AMP-R800' - - 'AMP-SM100' - - 'AMP-SE100' - - 'AMP-SM200' - - 'AMP-SM400' + - AMP-R200 + - AMP-R400 + - AMP-R800 + - AMP-SM100 + - AMP-SE100 + - AMP-SM200 + - AMP-SM400 cve-2021-45046: investigated: false affected_versions: [] @@ -244,8 +244,8 @@ software: unaffected_versions: [] vendor_links: - https://www.daktronics.com/en-us/support/kb/000025337 - notes: DMS Web Player not present in our codebase, but awaiting confirmation - from LG re webOS platform. + notes: DMS Web Player not present in our codebase, but awaiting confirmation from + LG re webOS platform. references: - '' last_updated: '2022-01-06T00:00:00' @@ -262,7 +262,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'A-3257' + - A-3257 - '3256' - '2270' - '2269' @@ -296,7 +296,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'A-3189335' + - A-3189335 - '3128' - '3416' - '3418' @@ -332,7 +332,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'A-4036028' + - A-4036028 cve-2021-45046: investigated: false affected_versions: [] @@ -362,7 +362,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'A-3665' + - A-3665 cve-2021-45046: investigated: false affected_versions: [] @@ -390,7 +390,7 @@ software: cve-2021-44228: investigated: false affected_versions: - - 'A-3350704' + - A-3350704 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -612,7 +612,8 @@ software: unaffected_versions: [] vendor_links: - https://customerportal.darktrace.com/inside-the-soc/get-article/201 - notes: This advisory is available to customer only and has not been reviewed by CISA. + notes: This advisory is available to customer only and has not been reviewed by + CISA. references: - '' last_updated: '2022-01-12T07:18:50+00:00' @@ -641,7 +642,8 @@ software: unaffected_versions: [] vendor_links: - https://kb.dsxclient.3ds.com/mashup-ui/page/resultqa?id=QA00000102301e - notes: This advisory is available to customer only and has not been reviewed by CISA. + notes: This advisory is available to customer only and has not been reviewed by + CISA. references: - '' last_updated: '2022-01-12T07:18:50+00:00' @@ -688,9 +690,9 @@ software: affected_versions: [] fixed_versions: - '>=6.17.0' - - '<=6.32.2' + - <=6.32.2 - '>=7.17.0' - - '<=7.32.2' + - <=7.32.2 unaffected_versions: [] cve-2021-45046: investigated: false @@ -721,7 +723,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - '< 1.0.2' + - < 1.0.2 unaffected_versions: [] cve-2021-45046: investigated: false @@ -752,7 +754,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - '< 1.0.2' + - < 1.0.2 unaffected_versions: [] cve-2021-45046: investigated: false @@ -766,7 +768,8 @@ software: unaffected_versions: [] vendor_links: - https://www.datadoghq.com/log4j-vulnerability/ - notes: Following AWS recommendation, library updated using the latest version of amazon-lambda-java-log4j2 (1.4.0). + notes: Following AWS recommendation, library updated using the latest version + of amazon-lambda-java-log4j2 (1.4.0). references: - '' last_updated: '2022-01-12T07:18:50+00:00' @@ -989,25 +992,25 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All vendor_links: - https://decos.freshdesk.com/nl/support/solutions/articles/17000121598 notes: '' @@ -1022,25 +1025,25 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All vendor_links: - https://decos.freshdesk.com/nl/support/solutions/articles/17000121598 notes: '' @@ -1055,25 +1058,25 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All vendor_links: - https://decos.freshdesk.com/nl/support/solutions/articles/17000121598 notes: '' @@ -1088,25 +1091,25 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All vendor_links: - https://decos.freshdesk.com/nl/support/solutions/articles/17000121598 notes: '' @@ -1121,25 +1124,25 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All vendor_links: - https://decos.freshdesk.com/nl/support/solutions/articles/17000121598 notes: '' @@ -1154,12 +1157,12 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - - 'All' + - All unaffected_versions: [] cve-2021-45046: investigated: false @@ -1173,7 +1176,8 @@ software: unaffected_versions: [] vendor_links: - https://decos.freshdesk.com/nl/support/solutions/articles/17000121598 - notes: The solution contains Elasticsearch (vulnerable). Mitigating actions available on our WIKI. + notes: The solution contains Elasticsearch (vulnerable). Mitigating actions available + on our WIKI. references: - '' last_updated: '2022-02-01T07:18:50+00:00' @@ -1185,12 +1189,12 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - - 'All' + - All unaffected_versions: [] cve-2021-45046: investigated: false @@ -1204,7 +1208,8 @@ software: unaffected_versions: [] vendor_links: - https://decos.freshdesk.com/nl/support/solutions/articles/17000121598 - notes: The SaaS hosted solution contains Logstash + Elasticsearch (vulnerable). Mitigating actions taken. + notes: The SaaS hosted solution contains Logstash + Elasticsearch (vulnerable). + Mitigating actions taken. references: - '' last_updated: '2022-02-01T07:18:50+00:00' @@ -1699,6 +1704,37 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Client Platforms (Latitude, OptiPlex, Alienware, Inspiron, Precision, + XPS, Vostro, ChengMing) BIOS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Cloud IQ cves: @@ -1907,8 +1943,7 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - 'Versions prior to 11.5(1x)' + affected_versions: Versions prior to 11.5(1x) fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -2060,7 +2095,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 'Versions from 7.3.0.5 to 7.7.0.6' + - Versions from 7.3.0.5 to 7.7.0.6 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -2229,36 +2264,6 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Client Platforms (Latitude, OptiPlex, Alienware, Inspiron, Precision, XPS, Vostro, ChengMing) BIOS - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - '' - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' - references: - - '' - last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Cloud Command Repository Manager cves: @@ -2994,7 +2999,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 'Versions from 19.6 and later' + - Versions from 19.6 and later fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -3145,14 +3150,14 @@ software: investigated: true affected_versions: [] fixed_versions: - - '18.x (or earlier) -standalone DPA is EOSL' - - '18.2.x (IDPA)' - - '19.1.x' - - '19.2.x' - - '19.3.x' - - '19.4.x' - - '19.5.x' - - '19.6.0' + - 18.x (or earlier) -standalone DPA is EOSL + - 18.2.x (IDPA) + - 19.1.x + - 19.2.x + - 19.3.x + - 19.4.x + - 19.5.x + - 19.6.0 unaffected_versions: [] cve-2021-45046: investigated: false @@ -3182,8 +3187,8 @@ software: investigated: true affected_versions: [] fixed_versions: - - '18.2.x-19.4.x' - - '19.5.0-19.5.0.7' + - 18.2.x-19.4.x + - 19.5.0-19.5.0.7 unaffected_versions: [] cve-2021-45046: investigated: false @@ -3212,7 +3217,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 'Versions before 19.6' + - Versions before 19.6 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -3302,9 +3307,9 @@ software: cve-2021-44228: investigated: true affected_versions: - - '<6.0.0' - - '6.1.0' - - '6.2.x' + - <6.0.0 + - 6.1.0 + - 6.2.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -3487,7 +3492,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 'Versions before 7.0.1 P2' + - Versions before 7.0.1 P2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -3517,8 +3522,8 @@ software: cve-2021-44228: investigated: true affected_versions: - - '19.4.x' - - '19.5.x' + - 19.4.x + - 19.5.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -3548,8 +3553,8 @@ software: cve-2021-44228: investigated: true affected_versions: - - '19.4.x' - - '19.5.x' + - 19.4.x + - 19.5.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -3658,66 +3663,6 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell OpenManage Enterprise - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 'Versions before 3.8.2' - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-275 - references: - - '[DSA-2021-275](https://www.dell.com/support/kbdoc/en-us/000194638/dsa-2021-275-dell-emc-openmanage-enterprise-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell OpenManage Enterprise Modular - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 'Versions before 1.40.10' - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-268 - references: - - '[DSA-2021-268](https://www.dell.com/support/kbdoc/en-us/000194625/dsa-2021-268-dell-emc-openmanage-enterprise-modular-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' - last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC OpenManage Enterprise Services cves: @@ -3729,7 +3674,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 'Version 1.2 and earlier' + - Version 1.2 and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -3910,10 +3855,10 @@ software: cve-2021-44228: investigated: true affected_versions: - - 'RCM 3.3 train - all versions up to 3.3.11.0' - - 'RCM 3.4 train - all versions up to 3.4.6.0' - - 'RCM 3.5 train - all versions up to 3.5.6.0' - - 'RCM 3.6 train - all versions up to 3.6.2.0' + - RCM 3.3 train - all versions up to 3.3.11.0 + - RCM 3.4 train - all versions up to 3.4.6.0 + - RCM 3.5 train - all versions up to 3.5.6.0 + - RCM 3.6 train - all versions up to 3.6.2.0 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -3944,14 +3889,14 @@ software: investigated: true affected_versions: - '3.5' - - '3.5.1' - - '3.5.1.1' - - '3.5.1.2' - - '3.5.1.3' - - '3.5.1.4' + - 3.5.1 + - 3.5.1.1 + - 3.5.1.2 + - 3.5.1.3 + - 3.5.1.4 - '3.6' - - '3.6.0.1' - - '3.6.0.2' + - 3.6.0.1 + - 3.6.0.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -4071,7 +4016,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 'All versions 19.9 and earlier' + - All versions 19.9 and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -4101,7 +4046,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - '2.7.0 and earlier' + - 2.7.0 and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -4251,7 +4196,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 'Versions before 2.0.1.3-1538564' + - Versions before 2.0.1.3-1538564 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -4371,7 +4316,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 'All' + - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -4552,7 +4497,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 'Versions before 4.6.0.2' + - Versions before 4.6.0.2 unaffected_versions: [] cve-2021-45046: investigated: false @@ -4583,9 +4528,9 @@ software: affected_versions: - '1.1' - '1.2' - - '1.2 HF1' + - 1.2 HF1 - '1.3' - - '1.3.1' + - 1.3.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -4765,7 +4710,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - '19.5-19.9' + - 19.5-19.9 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -4795,9 +4740,9 @@ software: cve-2021-44228: investigated: true affected_versions: - - '4.5.x' - - '4.7.x' - - '7.0.x' + - 4.5.x + - 4.7.x + - 7.0.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -5237,7 +5182,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell OpenManage Mobile + product: Dell OpenManage Change Management cves: cve-2021-4104: investigated: false @@ -5267,7 +5212,37 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell OpenManage Server Administrator + product: Dell OpenManage Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Versions before 3.8.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-275 + references: + - '[DSA-2021-275](https://www.dell.com/support/kbdoc/en-us/000194638/dsa-2021-275-dell-emc-openmanage-enterprise-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell OpenManage Enterprise CloudIQ plugin cves: cve-2021-4104: investigated: false @@ -5297,7 +5272,37 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell OpenManage Change Management + product: Dell OpenManage Enterprise Modular + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Versions before 1.40.10 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-268 + references: + - '[DSA-2021-268](https://www.dell.com/support/kbdoc/en-us/000194625/dsa-2021-268-dell-emc-openmanage-enterprise-modular-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell OpenManage Enterprise Power Manager plugin cves: cve-2021-4104: investigated: false @@ -5327,7 +5332,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell OpenManage Enterprise Power Manager plugin + product: Dell OpenManage Mobile cves: cve-2021-4104: investigated: false @@ -5357,7 +5362,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell OpenManage Enterprise CloudIQ plugin + product: Dell OpenManage Server Administrator cves: cve-2021-4104: investigated: false @@ -6088,12 +6093,12 @@ software: investigated: true affected_versions: [] fixed_versions: - - '3.3.x' - - '3.4.x' - - '3.5.x' - - '3.6.0.x' - - '3.6.1.x' - - '3.6.2.0' + - 3.3.x + - 3.4.x + - 3.5.x + - 3.6.0.x + - 3.6.1.x + - 3.6.2.0 unaffected_versions: [] cve-2021-45046: investigated: false @@ -6742,7 +6747,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Networking OS 9 + product: Networking OS 10 cves: cve-2021-4104: investigated: false @@ -6772,7 +6777,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Networking OS 10 + product: Networking OS 9 cves: cve-2021-4104: investigated: false @@ -7012,7 +7017,8 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: OpenManage Integration for Microsoft System Center for System Center Operations Manager + product: OpenManage Integration for Microsoft System Center for System Center + Operations Manager cves: cve-2021-4104: investigated: false @@ -7683,7 +7689,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - '5.00.00, 5.00.05, and 4.0.06 and earlier versions (OVF and VHD)' + - 5.00.00, 5.00.05, and 4.0.06 and earlier versions (OVF and VHD) unaffected_versions: [] cve-2021-45046: investigated: false @@ -7713,8 +7719,8 @@ software: investigated: true affected_versions: [] fixed_versions: - - '5.00.00.10' - - '5.00.05.10' + - 5.00.00.10 + - 5.00.05.10 unaffected_versions: [] cve-2021-45046: investigated: false @@ -8043,11 +8049,11 @@ software: cve-2021-44228: investigated: true affected_versions: - - '16.x' - - '17.x' - - '18.x' - - '19.x' - - '20.1.1' + - 16.x + - 17.x + - 18.x + - 19.x + - 20.1.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -8167,7 +8173,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - '2.0.70 and earlier' + - 2.0.70 and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -8228,7 +8234,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 'Versions before 4.0 SP 9.2 (4.0.9.1541235)' + - Versions before 4.0 SP 9.2 (4.0.9.1541235) unaffected_versions: [] cve-2021-45046: investigated: false @@ -8422,7 +8428,8 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending See vce6771 (requires customer login). This advisory is available to customer only and has not been reviewed by CISA. + notes: Patch pending See vce6771 (requires customer login). This advisory is available + to customer only and has not been reviewed by CISA. references: - '[vce6771](https://support-dellemc-com.secure.force.com/)' last_updated: '2021-12-15T00:00:00' @@ -8467,7 +8474,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - '8.2 8.3 8.4 8.5 and 8.6' + - 8.2 8.3 8.4 8.5 and 8.6 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -8497,7 +8504,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - '8.2 8.3 8.4 8.5 and 8.6' + - 8.2 8.3 8.4 8.5 and 8.6 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -8618,7 +8625,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 'Versions 3.1.16.10220572 and earlier' + - Versions 3.1.16.10220572 and earlier unaffected_versions: [] cve-2021-45046: investigated: false @@ -8648,7 +8655,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 'Version 3.1.15.10216415 and earlier' + - Version 3.1.15.10216415 and earlier unaffected_versions: [] cve-2021-45046: investigated: false @@ -8768,7 +8775,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 'Version 1.2.3 or earlier' + - Version 1.2.3 or earlier unaffected_versions: [] cve-2021-45046: investigated: false @@ -8798,7 +8805,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 'Version 1.1.0 or earlier' + - Version 1.1.0 or earlier unaffected_versions: [] cve-2021-45046: investigated: false @@ -8827,7 +8834,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 'Version 1.1.4 or earlier' + - Version 1.1.4 or earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -8857,7 +8864,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 'Version 1.0.6 or earlier' + - Version 1.0.6 or earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -8887,7 +8894,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 'Version 4.1.2 or earlier' + - Version 4.1.2 or earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -8961,7 +8968,8 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending See vce6771 (requires customer login). This advisory is available to customer only and has not been reviewed by CISA. + notes: Patch pending See vce6771 (requires customer login). This advisory is available + to customer only and has not been reviewed by CISA. references: - '[vce6771](https://support-dellemc-com.secure.force.com/)' last_updated: '2021-12-15T00:00:00' @@ -9007,7 +9015,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - '< 3.5' + - < 3.5 unaffected_versions: [] cve-2021-45046: investigated: false @@ -10575,7 +10583,8 @@ software: unaffected_versions: [] vendor_links: - https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/ - notes: Docker infrastructure not vulnerable, Docker images could be vulnerable. For more info see source. + notes: Docker infrastructure not vulnerable, Docker images could be vulnerable. + For more info see source. references: - '' last_updated: '2022-01-12T07:18:50+00:00' @@ -10638,7 +10647,7 @@ software: references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Dräger + - vendor: DrayTek product: All cves: cve-2021-4104: @@ -10663,12 +10672,12 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://static.draeger.com/security + - https://www.draytek.com/about/security-advisory/log4shell-vulnerability-(cve-2021-44228)/ notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - - vendor: DrayTek + - vendor: Dropwizard product: All cves: cve-2021-4104: @@ -10693,12 +10702,12 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.draytek.com/about/security-advisory/log4shell-vulnerability-(cve-2021-44228)/ - notes: '' + - https://twitter.com/dropwizardio/status/1469285337524580359 + notes: Only vulnerable if you manually added Log4j. references: - '' last_updated: '2021-12-15T00:00:00' - - vendor: Dropwizard + - vendor: Dräger product: All cves: cve-2021-4104: @@ -10723,8 +10732,8 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://twitter.com/dropwizardio/status/1469285337524580359 - notes: Only vulnerable if you manually added Log4j. + - https://static.draeger.com/security + notes: '' references: - '' last_updated: '2021-12-15T00:00:00'