r3pek
/
log4j-affected-db
mirror of https://github.com/cisagov/log4j-affected-db
1
0
Fork 0
Code Releases Activity

Update the software list

Browse Source
pull/465/head
cisagovbot 2 years ago
parent 1accb4541f
commit 1ac6221a21
23 changed files with 3349 additions and 3339 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 30
      SOFTWARE-LIST.md
  2. 688
      data/cisagov.yml
  3. 498
      data/cisagov_A.yml
  4. 116
      data/cisagov_B.yml
  5. 316
      data/cisagov_C.yml
  6. 1298
      data/cisagov_D.yml
  7. 250
      data/cisagov_E.yml
  8. 48
      data/cisagov_F.yml
  9. 141
      data/cisagov_G.yml
  10. 942
      data/cisagov_H.yml
  11. 422
      data/cisagov_I.yml
  12. 204
      data/cisagov_J.yml
  13. 12
      data/cisagov_L.yml
  14. 214
      data/cisagov_M.yml
  15. 32
      data/cisagov_N.yml
  16. 52
      data/cisagov_O.yml
  17. 24
      data/cisagov_Q.yml
  18. 628
      data/cisagov_S.yml
  19. 303
      data/cisagov_T.yml
  20. 38
      data/cisagov_U.yml
  21. 384
      data/cisagov_V.yml
  22. 12
      data/cisagov_W.yml
  23. 36
      data/cisagov_X.yml

30
SOFTWARE-LIST.md
Unescape View File

@ -231,10 +231,10 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Beijer Electronics | WARP Engineering Studio | | | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Bender | | | | Unknown | [link](https://www.bender.de/en/cert) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) | | | | Unknown | [link](https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BeyondTrust Bomgar | | | | Unknown | [link](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BeyondTrust | Privilege Management Cloud | | Unknown | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| BeyondTrust | Privilege Management Reporting in BeyondInsight | | 21.2 | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| BeyondTrust | Secure Remote Access appliances | | | Not Affected | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| BeyondTrust Bomgar | | | | Unknown | [link](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BioMerieux | | | | Unknown | [link](https://www.biomerieux.com/en/cybersecurity-data-privacy) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| BisectHosting | | | | Unknown | [link](https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BitDefender | | | | Unknown | [link](https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@ -949,8 +949,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Elastic | Kibana | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Logstash | <6.8.21, <7.16.1 | | Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Machine Learning | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| ElasticSearch | all products | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Elastic | Swiftype | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| ElasticSearch | all products | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ellucian | Admin | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Banner Analytics | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Banner Document Management (includes Banner Document Retention) | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
@ -1180,6 +1180,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| GoAnywhere | MFT | < 6.8.6 | | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
| GoAnywhere | MFT Agents | < 1.6.5 | | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
| GoCD | | | | Unknown | [link](https://www.gocd.org/2021/12/14/log4j-vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Google | Chrome | | | Not Affected | [link](https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html) | Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-14 |
| Google Cloud | Access Transparency | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Actifio | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Actifio has identified limited exposure to the Log4j 2 vulnerability and has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com) for the full statement and to obtain the hotfix (available to Actifio customers only). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | AI Platform Data Labeling | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
@ -1309,14 +1310,12 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Google Cloud | Virtual Private Cloud | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Web Security Scanner | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Workflows | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google | Chrome | | | Not Affected | [link](https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html) | Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-14 |
| Gradle | Gradle | | | Unknown | [link](https://blog.gradle.org/log4j-vulnerability) | Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gradle | Gradle Enterprise | < 2021.3.6 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gradle | Gradle Enterprise Build Cache Node | < 10.1 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gradle | Gradle Enterprise Test Distribution Agent | < 1.6.2 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Grafana | | | | Unknown | [link](https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Grandstream | | | | Unknown | [link](https://blog.grandstream.com/press-releases/grandstream-products-unaffected-by-log4j-vulnerability?hsLang=en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee.io | | | | Unknown | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | Alert Engine | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@ -1324,6 +1323,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | Cockpit | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee.io | | | | Unknown | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravwell | | | | Unknown | [link](https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Graylog | Graylog Server | All versions >= 1.2.0 and <= 4.2.2 | | Affected | [link](https://www.graylog.org/post/graylog-update-for-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| GreenShot | | | | Unknown | [link](https://greenshot.atlassian.net/browse/BUG-2871) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@ -1396,7 +1396,11 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| HOLOGIC | Unifi Workspace | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | Windows Selenia Mammography System | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Honeywell | | | | Unknown | [link](https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HPE/Micro Focus | Data Protector | | 9.09 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003243) | | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici Cloud Access Controller | | < v113 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici EMSDK | | < 1.0.6 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici Management Console | | < 21.10.3 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici PCoIP Connection Manager | | < 21.03.6, < 20.07.4 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici PCoIP License Server | | | Unknown | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HPE | 3PAR StoreServ Arrays | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | AirWave Management Platform | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Alletra 6000 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
@ -1526,11 +1530,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| HPE | Superdome Flex 280 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Superdome Flex Server | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | UAN (User Access Node) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HP | Teradici Cloud Access Controller | | < v113 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici EMSDK | | < 1.0.6 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici Management Console | | < 21.10.3 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici PCoIP Connection Manager | | < 21.03.6, < 20.07.4 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici PCoIP License Server | | | Unknown | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HPE/Micro Focus | Data Protector | | 9.09 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003243) | | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Huawei | | | | Unknown | [link](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Hubspot | | | | Unknown | [link](https://community.hubspot.com/t5/APIs-Integrations/Log4J-day-zero-exploit-CVE-2021-44228/td-p/541949) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| I-Net software | | | | Unknown | [link](https://faq.inetsoftware.de/t/statement-about-cve-2021-44228-log4j-vulnerability-concerning-i-net-software-products/269/3) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@ -2019,6 +2019,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Lyrasis | Fedora Repository | | | Not Affected | [link](https://groups.google.com/g/fedora-tech/c/dQMQ5jaX8Xo) | Fedora Repository is unaffiliated with Fedora Linux. Uses logback and explicitly excludes log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| MailStore | | | | Unknown | [link](https://www.mailstore.com/en/blog/mailstore-affected-by-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Maltego | | | | Unknown | [link](https://www.maltego.com/blog/our-response-to-log4j-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ManageEngine | AD SelfService Plus | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 |
| ManageEngine | Servicedesk Plus | 11305 and below | | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| ManageEngine Zoho | | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ManageEngine Zoho | ADAudit Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | ADManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
@ -2032,8 +2034,6 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| ManageEngine Zoho | M365 Manager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | M365 Security Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | RecoveryManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine | AD SelfService Plus | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 |
| ManageEngine | Servicedesk Plus | 11305 and below | | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| MariaDB | | | | Unknown | [link](https://mariadb.com/resources/blog/log4shell-and-mariadb-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| MathWorks | All MathWorks general release desktop or server products | | | Not Affected | [link](https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| MathWorks | MATLAB | | | Not Affected | [link](https://www.mathworks.com/content/dam/mathworks/policies/mathworks-response-to-cve-2021-44228-log4j-vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
@ -2319,6 +2319,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Shibboleth | All Products | | | Not Affected | [link](https://shibboleth.net/pipermail/announce/2021-December/000253.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| Shopify | | | | Unknown | [link](https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Siebel | | | | Unknown | [link](https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
@ -2356,8 +2358,6 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Siemens Healthineers | syngo.via WebViewer VA13B / VA20A / VA20B | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | X.Ceed Somaris 10 VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | X.Cite Somaris 10 VA30*/VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Sierra Wireless | | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Sierra Wireless | AirVantage and Octave cloud platforms | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | These systems do not operate with the specific non-standard configuration required for CVE-2021-25046 and hence were not vulnerable to it. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Sierra Wireless | AM/AMM servers | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
@ -2458,8 +2458,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Splunk | Splunk UBA OVA Software | 5.0.3a, 5.0.0 | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) | 1.1.1 and older | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Sprecher Automation | | | | Unknown | [link](https://www.sprecher-automation.com/en/it-security/security-alerts) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Spring Boot | | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Spring | Spring Boot | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Spring Boot | | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| StarDog | | | | Unknown | [link](https://community.stardog.com/t/stardog-7-8-1-available/3411) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| STERIS | Advantage | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | Advantage Plus | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |

688
data/cisagov.yml
View File

File diff suppressed because it is too large Load Diff

498
data/cisagov_A.yml
View File

File diff suppressed because it is too large Load Diff

116
data/cisagov_B.yml
Unescape View File

@ -33,7 +33,7 @@ software:
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Baxter
- vendor: BackBox
product: ''
cves:
cve-2021-4104:
@ -57,12 +57,12 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf
- https://updates.backbox.com/V6.5/Docs/CVE-2021-44228.pdf
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BackBox
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Balbix
product: ''
cves:
cve-2021-4104:
@ -86,12 +86,12 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://updates.backbox.com/V6.5/Docs/CVE-2021-44228.pdf
- https://www.balbix.com/blog/broad-exposure-to-log4shell-cve-2021-44228-highlights-how-the-attack-surface-has-exploded/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Balbix
- vendor: Baramundi Products
product: ''
cves:
cve-2021-4104:
@ -115,12 +115,12 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.balbix.com/blog/broad-exposure-to-log4shell-cve-2021-44228-highlights-how-the-attack-surface-has-exploded/
- https://forum.baramundi.com/index.php?threads/baramundi-produkte-von-log4shell-schwachstelle-in-log4j-nicht-betroffen.12539/#post-62875
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Baramundi Products
- vendor: Barco
product: ''
cves:
cve-2021-4104:
@ -144,12 +144,12 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forum.baramundi.com/index.php?threads/baramundi-produkte-von-log4shell-schwachstelle-in-log4j-nicht-betroffen.12539/#post-62875
- https://www.barco.com/en/support/knowledge-base/kb12495
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Barco
- vendor: Barracuda
product: ''
cves:
cve-2021-4104:
@ -173,12 +173,12 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.barco.com/en/support/knowledge-base/kb12495
- https://www.barracuda.com/company/legal/trust-center
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Barracuda
- vendor: Baxter
product: ''
cves:
cve-2021-4104:
@ -202,13 +202,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.barracuda.com/company/legal/trust-center
- https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
last_updated: '2021-12-20T00:00:00'
- vendor: BBraun
product: Outlook® Safety Infusion System Pump family
product: APEX® Compounder
cves:
cve-2021-4104:
investigated: false
@ -237,8 +237,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BBraun
product: Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor®
Space® Infusion
product: DoseTrac® Server, DoseLink™ Server, and Space® Online Suite Server software
cves:
cve-2021-4104:
investigated: false
@ -267,7 +266,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BBraun
product: Pump, SpaceStation, and Space® Wireless Battery)
product: Outlook® Safety Infusion System Pump family
cves:
cve-2021-4104:
investigated: false
@ -296,7 +295,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BBraun
product: DoseTrac® Server, DoseLink™ Server, and Space® Online Suite Server software
product: Pinnacle® Compounder
cves:
cve-2021-4104:
investigated: false
@ -325,7 +324,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BBraun
product: Pinnacle® Compounder
product: Pump, SpaceStation, and Space® Wireless Battery)
cves:
cve-2021-4104:
investigated: false
@ -354,7 +353,8 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BBraun
product: APEX® Compounder
product: Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor®
Space® Infusion
cves:
cve-2021-4104:
investigated: false
@ -615,7 +615,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BD
product: BD Knowledge Portal for Infusion Technologies
product: BD Knowledge Portal for BD Pyxis™ Supply
cves:
cve-2021-4104:
investigated: false
@ -644,7 +644,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BD
product: BD Knowledge Portal for Medication Technologies
product: BD Knowledge Portal for Infusion Technologies
cves:
cve-2021-4104:
investigated: false
@ -673,7 +673,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BD
product: BD Knowledge Portal for BD Pyxis™ Supply
product: BD Knowledge Portal for Medication Technologies
cves:
cve-2021-4104:
investigated: false
@ -1049,7 +1049,7 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: BioMerieux
- vendor: Bender
product: ''
cves:
cve-2021-4104:
@ -1073,12 +1073,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.biomerieux.com/en/cybersecurity-data-privacy
- https://www.bender.de/en/cert
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Bender
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Best Practical Request Tracker (RT) and Request Tracker for Incident Response
(RTIR)
product: ''
cves:
cve-2021-4104:
@ -1102,14 +1103,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.bender.de/en/cert
- https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Best Practical Request Tracker (RT) and Request Tracker for Incident Response
(RTIR)
product: ''
- vendor: BeyondTrust
product: Privilege Management Cloud
cves:
cve-2021-4104:
investigated: false
@ -1117,9 +1117,10 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
fixed_versions:
- Unknown
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -1132,13 +1133,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j
- https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
last_updated: '2021-12-17T00:00:00'
- vendor: BeyondTrust
product: Privilege Management Cloud
product: Privilege Management Reporting in BeyondInsight
cves:
cve-2021-4104:
investigated: false
@ -1149,7 +1150,7 @@ software:
investigated: true
affected_versions: []
fixed_versions:
- Unknown
- '21.2'
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -1168,7 +1169,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: BeyondTrust
product: Privilege Management Reporting in BeyondInsight
product: Secure Remote Access appliances
cves:
cve-2021-4104:
investigated: false
@ -1178,9 +1179,9 @@ software:
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '21.2'
unaffected_versions: []
fixed_versions: []
unaffected_versions:
- Unknown
cve-2021-45046:
investigated: false
affected_versions: []
@ -1197,8 +1198,8 @@ software:
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: BeyondTrust
product: Secure Remote Access appliances
- vendor: BeyondTrust Bomgar
product: ''
cves:
cve-2021-4104:
investigated: false
@ -1206,11 +1207,10 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions:
- Unknown
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -1222,12 +1222,12 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell
- https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: BeyondTrust Bomgar
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: BioMerieux
product: ''
cves:
cve-2021-4104:
@ -1251,11 +1251,11 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542
- https://www.biomerieux.com/en/cybersecurity-data-privacy
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
last_updated: '2021-12-22T00:00:00'
- vendor: BisectHosting
product: ''
cves:
@ -2590,7 +2590,7 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Boston Scientific
- vendor: Bosch
product: ''
cves:
cve-2021-4104:
@ -2614,12 +2614,12 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf
- https://bosch-iot-suite.com/news/apache-log4j-rce-vulnerability/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Bosch
last_updated: '2021-12-22T00:00:00'
- vendor: Boston Scientific
product: ''
cves:
cve-2021-4104:
@ -2643,11 +2643,11 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://bosch-iot-suite.com/news/apache-log4j-rce-vulnerability/
- https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
last_updated: '2021-12-20T00:00:00'
- vendor: Box
product: ''
cves:

316
data/cisagov_C.yml
Unescape View File

@ -121,7 +121,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Canon
product: CT Medical Imaging Products
product: Alphenix (Angio Workstation)
cves:
cve-2021-4104:
investigated: false
@ -150,7 +150,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Canon
product: MR Medical Imaging Products
product: CT Medical Imaging Products
cves:
cve-2021-4104:
investigated: false
@ -179,7 +179,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Canon
product: UL Medical Imaging Products
product: Infinix-i (Angio Workstation)
cves:
cve-2021-4104:
investigated: false
@ -208,7 +208,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Canon
product: XR Medical Imaging Products
product: MR Medical Imaging Products
cves:
cve-2021-4104:
investigated: false
@ -266,7 +266,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Canon
product: Vitrea Advanced 7.x
product: UL Medical Imaging Products
cves:
cve-2021-4104:
investigated: false
@ -295,7 +295,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Canon
product: Infinix-i (Angio Workstation)
product: Vitrea Advanced 7.x
cves:
cve-2021-4104:
investigated: false
@ -324,7 +324,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Canon
product: Alphenix (Angio Workstation)
product: XR Medical Imaging Products
cves:
cve-2021-4104:
investigated: false
@ -997,65 +997,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Common Services Platform Collector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Network Services Orchestrator (NSO)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco System Architecture Evolution Gateway (SAEGW)
product: Cisco ACI Multi-Site Orchestrator
cves:
cve-2021-4104:
investigated: false
@ -1084,7 +1026,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco ACI Multi-Site Orchestrator
product: Cisco ACI Virtual Edge
cves:
cve-2021-4104:
investigated: false
@ -1113,7 +1055,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco ACI Virtual Edge
product: Cisco Adaptive Security Appliance (ASA) Software
cves:
cve-2021-4104:
investigated: false
@ -1142,7 +1084,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Adaptive Security Appliance (ASA) Software
product: Cisco Advanced Web Security Reporting Application
cves:
cve-2021-4104:
investigated: false
@ -1171,7 +1113,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Advanced Web Security Reporting Application
product: Cisco AMP Virtual Private Cloud Appliance
cves:
cve-2021-4104:
investigated: false
@ -1200,7 +1142,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco AMP Virtual Private Cloud Appliance
product: Cisco AnyConnect Secure Mobility Client
cves:
cve-2021-4104:
investigated: false
@ -1229,7 +1171,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco AnyConnect Secure Mobility Client
product: Cisco Application Policy Infrastructure Controller (APIC)
cves:
cve-2021-4104:
investigated: false
@ -1258,7 +1200,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Application Policy Infrastructure Controller (APIC)
product: Cisco ASR 5000 Series Routers
cves:
cve-2021-4104:
investigated: false
@ -1287,7 +1229,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco ASR 5000 Series Routers
product: Cisco Broadcloud Calling
cves:
cve-2021-4104:
investigated: false
@ -1316,7 +1258,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Broadcloud Calling
product: Cisco BroadWorks
cves:
cve-2021-4104:
investigated: false
@ -1345,7 +1287,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco BroadWorks
product: Cisco Catalyst 9800 Series Wireless Controllers
cves:
cve-2021-4104:
investigated: false
@ -1374,7 +1316,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Catalyst 9800 Series Wireless Controllers
product: Cisco CloudCenter Suite Admin
cves:
cve-2021-4104:
investigated: false
@ -1403,7 +1345,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco CloudCenter Suite Admin
product: Cisco CloudCenter Workload Manager
cves:
cve-2021-4104:
investigated: false
@ -1432,7 +1374,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco CloudCenter Workload Manager
product: Cisco Cognitive Intelligence
cves:
cve-2021-4104:
investigated: false
@ -1461,7 +1403,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Cognitive Intelligence
product: Cisco Common Services Platform Collector
cves:
cve-2021-4104:
investigated: false
@ -1866,34 +1808,6 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: DUO network gateway (on-prem/self-hosted)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Elastic Services Controller (ESC)
cves:
@ -2736,6 +2650,35 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Network Services Orchestrator (NSO)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Nexus 5500 Platform Switches
cves:
@ -3028,7 +2971,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Paging Server (InformaCast)
product: Cisco Paging Server
cves:
cve-2021-4104:
investigated: false
@ -3057,7 +3000,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Paging Server
product: Cisco Paging Server (InformaCast)
cves:
cve-2021-4104:
investigated: false
@ -3665,6 +3608,35 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco System Architecture Evolution Gateway (SAEGW)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco TelePresence Management Suite
cves:
@ -3956,7 +3928,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Unified Contact Center Enterprise - Live Data server
product: Cisco Unified Contact Center Enterprise
cves:
cve-2021-4104:
investigated: false
@ -3985,7 +3957,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Unified Contact Center Enterprise
product: Cisco Unified Contact Center Enterprise - Live Data server
cves:
cve-2021-4104:
investigated: false
@ -4419,6 +4391,34 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: DUO network gateway (on-prem/self-hosted)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: duo network gateway (on-prem/self-hosted)
cves:
@ -4811,7 +4811,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Citrix
product: ShareFile Storage Zones Controller
product: Citrix Virtual Apps and Desktops (XenApp & XenDesktop)
cves:
cve-2021-4104:
investigated: false
@ -4835,16 +4835,19 @@ software:
unaffected_versions: []
vendor_links:
- https://support.citrix.com/article/CTX335705
notes: Citrix continues to investigate any potential impact on Citrix-managed
cloud services. If, as the investigation continues, any Citrix-managed services
are found to be affected by this issue, Citrix will take immediate action to
remediate the problem. Customers using Citrix-managed cloud services do not
need to take any action.
notes: 'IMPACTED: Linux VDA (non-LTSR versions only)- CVE-2021-44228 and CVE-2021-45046:
Customers are advised to apply the latest update as soon as possible to reduce
the risk of exploitation. [Linux Virtual Delivery Agent 2112](https://www.citrix.com/downloads/citrix-virtual-apps-and-desktops/components/linux-vda-2112.html).
See the [Citrix Statement](https://support.citrix.com/article/CTX335705) for
additional mitigations. For CVE-2021-45105: Investigation has shown that Linux
VDA is not impacted. Nonetheless, the Linux VDA 2112 has been updated (21.12.0.30,
released December 20th) to contain Apache log4j version 2.17.0. NOT IMPACTED:
Linux VDA LTSR all versions; All other CVAD components.'
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Citrix
product: Citrix Virtual Apps and Desktops (XenApp & XenDesktop)
product: Citrix Workspace App
cves:
cve-2021-4104:
investigated: false
@ -4852,10 +4855,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- All Platforms
cve-2021-45046:
investigated: false
affected_versions: []
@ -4868,19 +4872,16 @@ software:
unaffected_versions: []
vendor_links:
- https://support.citrix.com/article/CTX335705
notes: 'IMPACTED: Linux VDA (non-LTSR versions only)- CVE-2021-44228 and CVE-2021-45046:
Customers are advised to apply the latest update as soon as possible to reduce
the risk of exploitation. [Linux Virtual Delivery Agent 2112](https://www.citrix.com/downloads/citrix-virtual-apps-and-desktops/components/linux-vda-2112.html).
See the [Citrix Statement](https://support.citrix.com/article/CTX335705) for
additional mitigations. For CVE-2021-45105: Investigation has shown that Linux
VDA is not impacted. Nonetheless, the Linux VDA 2112 has been updated (21.12.0.30,
released December 20th) to contain Apache log4j version 2.17.0. NOT IMPACTED:
Linux VDA LTSR all versions; All other CVAD components.'
notes: Citrix continues to investigate any potential impact on Citrix-managed
cloud services. If, as the investigation continues, any Citrix-managed services
are found to be affected by this issue, Citrix will take immediate action to
remediate the problem. Customers using Citrix-managed cloud services do not
need to take any action.
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Citrix
product: Citrix Workspace App
product: ShareFile Storage Zones Controller
cves:
cve-2021-4104:
investigated: false
@ -4888,11 +4889,10 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions:
- All Platforms
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -6163,7 +6163,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cloudera
product: Workload XM (SaaS)
product: Workload XM
cves:
cve-2021-4104:
investigated: false
@ -6171,8 +6171,9 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
investigated: true
affected_versions:
- All versions
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -6192,7 +6193,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cloudera
product: Workload XM
product: Workload XM (SaaS)
cves:
cve-2021-4104:
investigated: false
@ -6200,9 +6201,8 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- All versions
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -6663,7 +6663,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Confluent
product: Confluent Platform
product: Confluent ElasticSearch Sink Connector
cves:
cve-2021-4104:
investigated: false
@ -6673,7 +6673,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- <7.0.1
- <11.1.7
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -6723,7 +6723,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Confluent
product: Confluent Kafka Connectors
product: Confluent Google DataProc Sink Connector
cves:
cve-2021-4104:
investigated: false
@ -6732,10 +6732,10 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
affected_versions:
- <1.1.5
fixed_versions: []
unaffected_versions:
- N/A
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -6753,7 +6753,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Confluent
product: Confluent ElasticSearch Sink Connector
product: Confluent HDFS 2 Sink Connector
cves:
cve-2021-4104:
investigated: false
@ -6763,7 +6763,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- <11.1.7
- <10.1.3
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -6783,7 +6783,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Confluent
product: Confluent Google DataProc Sink Connector
product: Confluent HDFS 3 Sink Connector
cves:
cve-2021-4104:
investigated: false
@ -6793,7 +6793,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- <1.1.5
- <1.1.8
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -6813,7 +6813,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Confluent
product: Confluent Splunk Sink Connector
product: Confluent Kafka Connectors
cves:
cve-2021-4104:
investigated: false
@ -6822,10 +6822,10 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- <2.05
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- N/A
cve-2021-45046:
investigated: false
affected_versions: []
@ -6843,7 +6843,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Confluent
product: Confluent HDFS 2 Sink Connector
product: Confluent Platform
cves:
cve-2021-4104:
investigated: false
@ -6853,7 +6853,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- <10.1.3
- <7.0.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -6873,7 +6873,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Confluent
product: Confluent HDFS 3 Sink Connector
product: Confluent Splunk Sink Connector
cves:
cve-2021-4104:
investigated: false
@ -6883,7 +6883,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- <1.1.8
- <2.05
fixed_versions: []
unaffected_versions: []
cve-2021-45046:

1298
data/cisagov_D.yml
View File

File diff suppressed because it is too large Load Diff

250
data/cisagov_E.yml
Unescape View File

@ -356,7 +356,7 @@ software:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Elastic
product: Elastic Cloud Enterprise
product: Elastic Cloud
cves:
cve-2021-4104:
investigated: false
@ -414,7 +414,7 @@ software:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Elastic
product: Elastic Cloud on Kubernetes
product: Elastic Cloud Enterprise
cves:
cve-2021-4104:
investigated: false
@ -443,7 +443,7 @@ software:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Elastic
product: Elastic Cloud
product: Elastic Cloud on Kubernetes
cves:
cve-2021-4104:
investigated: false
@ -795,7 +795,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: Ellucian
product: Banner Analytics
product: Admin
cves:
cve-2021-4104:
investigated: false
@ -824,7 +824,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Colleague
product: Banner Analytics
cves:
cve-2021-4104:
investigated: false
@ -848,12 +848,12 @@ software:
unaffected_versions: []
vendor_links:
- https://www.ellucian.com/news/ellucian-response-apache-log4j-issue
notes: On-prem and cloud deployements expect fixed 12/18/2021
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Admin
product: Banner Document Management (includes Banner Document Retention)
cves:
cve-2021-4104:
investigated: false
@ -882,7 +882,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Enterprise Identity Services(BEIS)
product: Banner Event Publisher
cves:
cve-2021-4104:
investigated: false
@ -969,7 +969,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Banner Workflow
product: Banner Self Service
cves:
cve-2021-4104:
investigated: false
@ -998,7 +998,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Banner Document Management (includes Banner Document Retention)
product: Banner Workflow
cves:
cve-2021-4104:
investigated: false
@ -1027,7 +1027,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian Advance Web Connector
product: Colleague
cves:
cve-2021-4104:
investigated: false
@ -1051,12 +1051,12 @@ software:
unaffected_versions: []
vendor_links:
- https://www.ellucian.com/news/ellucian-response-apache-log4j-issue
notes: ''
notes: On-prem and cloud deployements expect fixed 12/18/2021
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian eTranscripts
product: Colleague Analytics
cves:
cve-2021-4104:
investigated: false
@ -1085,7 +1085,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian Mobile
product: CRM Advance
cves:
cve-2021-4104:
investigated: false
@ -1114,7 +1114,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian Solution Manager
product: CRM Advise
cves:
cve-2021-4104:
investigated: false
@ -1143,7 +1143,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Banner Event Publisher
product: CRM Recruit
cves:
cve-2021-4104:
investigated: false
@ -1172,7 +1172,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Banner Self Service
product: Ellucian Advance Web Connector
cves:
cve-2021-4104:
investigated: false
@ -1201,7 +1201,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Colleague Analytics
product: Ellucian Data Access
cves:
cve-2021-4104:
investigated: false
@ -1230,7 +1230,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: CRM Advance
product: Ellucian Design Path
cves:
cve-2021-4104:
investigated: false
@ -1259,7 +1259,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: CRM Advise
product: Ellucian Ellucian Portal
cves:
cve-2021-4104:
investigated: false
@ -1288,7 +1288,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: CRM Recruit
product: Ellucian ePrint
cves:
cve-2021-4104:
investigated: false
@ -1317,7 +1317,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian Data Access
product: Ellucian Ethos API & API Management Center
cves:
cve-2021-4104:
investigated: false
@ -1346,7 +1346,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian Design Path
product: Ellucian Ethos Extend
cves:
cve-2021-4104:
investigated: false
@ -1375,7 +1375,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian ePrint
product: Ellucian Ethos Integration
cves:
cve-2021-4104:
investigated: false
@ -1404,7 +1404,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian Ethos API & API Management Center
product: Ellucian eTranscripts
cves:
cve-2021-4104:
investigated: false
@ -1433,7 +1433,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian Ethos Extend
product: Ellucian Experience
cves:
cve-2021-4104:
investigated: false
@ -1462,7 +1462,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian Ethos Integration
product: Ellucian Intelligent Platform (ILP)
cves:
cve-2021-4104:
investigated: false
@ -1491,7 +1491,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian Experience
product: Ellucian International Student and Scholar Management (ISSM)
cves:
cve-2021-4104:
investigated: false
@ -1520,7 +1520,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian Intelligent Platform (ILP)
product: Ellucian Message Service (EMS)
cves:
cve-2021-4104:
investigated: false
@ -1549,7 +1549,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian International Student and Scholar Management (ISSM)
product: Ellucian Messaging Adapter (EMA)
cves:
cve-2021-4104:
investigated: false
@ -1578,7 +1578,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian Message Service (EMS)
product: Ellucian Mobile
cves:
cve-2021-4104:
investigated: false
@ -1607,7 +1607,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian Messaging Adapter (EMA)
product: Ellucian Payment Gateway
cves:
cve-2021-4104:
investigated: false
@ -1636,7 +1636,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian Payment Gateway
product: Ellucian PowerCampus
cves:
cve-2021-4104:
investigated: false
@ -1665,7 +1665,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian Ellucian Portal
product: Ellucian Solution Manager
cves:
cve-2021-4104:
investigated: false
@ -1723,7 +1723,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Ellucian
product: Ellucian PowerCampus
product: Enterprise Identity Services(BEIS)
cves:
cve-2021-4104:
investigated: false
@ -1752,7 +1752,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: K-Series Coriolis Transmitters
product: 148 Temperature Transmitter
cves:
cve-2021-4104:
investigated: false
@ -1781,7 +1781,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Prolink Configuration Software
product: 2051 Pressure Transmitter Family
cves:
cve-2021-4104:
investigated: false
@ -1810,7 +1810,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Prolink Mobile Application & ProcessViz Software
product: 2088 Pressure Transmitter Family
cves:
cve-2021-4104:
investigated: false
@ -1839,7 +1839,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 4732 Endeavor
product: 2090F/2090P Pressure Transmitters
cves:
cve-2021-4104:
investigated: false
@ -1868,7 +1868,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Vortex and Magmeter Transmitters
product: 215 Pressure Sensor Module
cves:
cve-2021-4104:
investigated: false
@ -1897,7 +1897,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: USM 3410 and 3810 Series Ultrasonic Transmitters
product: 248 Configuration Application
cves:
cve-2021-4104:
investigated: false
@ -1926,7 +1926,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Mark III Gas and Liquid USM
product: 248 Temperature Transmitter
cves:
cve-2021-4104:
investigated: false
@ -1955,7 +1955,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Flarecheck FlowCheck Flowel & PWAM software
product: 3051 & 3051S Pressure transmitter families
cves:
cve-2021-4104:
investigated: false
@ -1984,7 +1984,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: MPFM2600 & MPFM5726
product: 3144P Temperature Transmitter
cves:
cve-2021-4104:
investigated: false
@ -2013,7 +2013,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: DHNC1 DHNC2
product: 326P Pressure Transmitter
cves:
cve-2021-4104:
investigated: false
@ -2042,7 +2042,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: WCM SWGM
product: 326T Temperature Transmitter
cves:
cve-2021-4104:
investigated: false
@ -2071,7 +2071,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Fieldwatch and Service consoles
product: 327T Temperature Transmitter
cves:
cve-2021-4104:
investigated: false
@ -2100,7 +2100,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 5726 Transmitter
product: 4088 Pressure Transmitter
cves:
cve-2021-4104:
investigated: false
@ -2129,7 +2129,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Plantweb Advisor for Metrology and Metering Suite SDK
product: 4088 Upgrade Utility
cves:
cve-2021-4104:
investigated: false
@ -2158,7 +2158,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 'Gas Chromatographs: M500/2350A MON2000 700XA/1500XA 370XA MON2020'
product: 4600 Pressure Transmitter
cves:
cve-2021-4104:
investigated: false
@ -2187,7 +2187,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 'Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD)'
product: 4732 Endeavor
cves:
cve-2021-4104:
investigated: false
@ -2216,9 +2216,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 'Gas Detection: Millennium II Basic Single & Dual Channel 928 Wireless
Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle
Monitor'
product: 4732 Endeavor
cves:
cve-2021-4104:
investigated: false
@ -2247,7 +2245,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: K-Series Coriolis Transmitters
product: 550 PT Pressure Transmitter
cves:
cve-2021-4104:
investigated: false
@ -2276,7 +2274,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Prolink Configuration Software
product: 5726 Transmitter
cves:
cve-2021-4104:
investigated: false
@ -2305,7 +2303,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Prolink Mobile Application & ProcessViz Software
product: 5726 Transmitter
cves:
cve-2021-4104:
investigated: false
@ -2334,7 +2332,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 4732 Endeavor
product: 644 Temperature Transmitter
cves:
cve-2021-4104:
investigated: false
@ -2363,7 +2361,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Vortex and Magmeter Transmitters
product: 648 Temperature Transmitter
cves:
cve-2021-4104:
investigated: false
@ -2392,7 +2390,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: USM 3410 and 3810 Series Ultrasonic Transmitters
product: 848T Temperature Transmitter
cves:
cve-2021-4104:
investigated: false
@ -2421,7 +2419,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Mark III Gas and Liquid USM
product: 'Combustion: OCX OXT 6888 CX1100 6888Xi'
cves:
cve-2021-4104:
investigated: false
@ -2450,7 +2448,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Flarecheck FlowCheck Flowel & PWAM software
product: CT2211 QCL Aerosol Microleak Detection System
cves:
cve-2021-4104:
investigated: false
@ -2479,7 +2477,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: MPFM2600 & MPFM5726
product: CT3000 QCL Automotive OEM Gas Analyzer
cves:
cve-2021-4104:
investigated: false
@ -2508,7 +2506,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: DHNC1 DHNC2
product: CT4000 QCL Marine OEM Gas Analyzer
cves:
cve-2021-4104:
investigated: false
@ -2537,7 +2535,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: WCM SWGM
product: CT4215 QCL Packaging Leak Detection System
cves:
cve-2021-4104:
investigated: false
@ -2566,7 +2564,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Fieldwatch and Service consoles
product: CT4400 QCL General Purpose Continuous Gas Analyzer
cves:
cve-2021-4104:
investigated: false
@ -2595,7 +2593,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 5726 Transmitter
product: CT4404 QCL pMDI Leak Detection Analyzer
cves:
cve-2021-4104:
investigated: false
@ -2624,7 +2622,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Plantweb Advisor for Metrology and Metering Suite SDK
product: CT5100 QCL Field Housing Continuous Gas Analyzer
cves:
cve-2021-4104:
investigated: false
@ -2653,7 +2651,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 'Gas Chromatographs: M500/2350A MON2000 700XA/1500XA 370XA MON2020'
product: CT5400 QCL General Purpose Continuous Gas Analyzer
cves:
cve-2021-4104:
investigated: false
@ -2682,7 +2680,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 'Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD)'
product: CT5800 QCL Flameproof Housing Continuous Gas Analyzer
cves:
cve-2021-4104:
investigated: false
@ -2711,9 +2709,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 'Gas Detection: Millennium II Basic Single & Dual Channel 928 Wireless
Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle
Monitor'
product: DHNC1 DHNC2
cves:
cve-2021-4104:
investigated: false
@ -2742,7 +2738,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Incus Ultrasonic gas leak detector
product: DHNC1 DHNC2
cves:
cve-2021-4104:
investigated: false
@ -2771,8 +2767,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 'Flame Detection: 975UF & 975UR Infrared Flame Detectors 975HR Infrared
Hydrogen Flame Detector 975MR Multi-Spectrum Infrared Flame Detector'
product: Emerson Aperio software
cves:
cve-2021-4104:
investigated: false
@ -2801,7 +2796,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 'Liquid Transmitters: 5081 1066 1056 1057 56'
product: Engineering Assistant 5.x & 6.x
cves:
cve-2021-4104:
investigated: false
@ -2830,7 +2825,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 'Combustion: OCX OXT 6888 CX1100 6888Xi'
product: Fieldwatch and Service consoles
cves:
cve-2021-4104:
investigated: false
@ -2859,7 +2854,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Spectrex family Flame Detectors and Rosemount 975 flame detector
product: Fieldwatch and Service consoles
cves:
cve-2021-4104:
investigated: false
@ -2888,7 +2883,8 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: CT4400 QCL General Purpose Continuous Gas Analyzer
product: 'Flame Detection: 975UF & 975UR Infrared Flame Detectors 975HR Infrared
Hydrogen Flame Detector 975MR Multi-Spectrum Infrared Flame Detector'
cves:
cve-2021-4104:
investigated: false
@ -2917,7 +2913,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: CT5400 QCL General Purpose Continuous Gas Analyzer
product: Flarecheck FlowCheck Flowel & PWAM software
cves:
cve-2021-4104:
investigated: false
@ -2946,7 +2942,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: CT5100 QCL Field Housing Continuous Gas Analyzer
product: Flarecheck FlowCheck Flowel & PWAM software
cves:
cve-2021-4104:
investigated: false
@ -2975,7 +2971,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: CT5800 QCL Flameproof Housing Continuous Gas Analyzer
product: 'Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD)'
cves:
cve-2021-4104:
investigated: false
@ -3004,7 +3000,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: CT4215 QCL Packaging Leak Detection System
product: 'Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD)'
cves:
cve-2021-4104:
investigated: false
@ -3033,7 +3029,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: CT2211 QCL Aerosol Microleak Detection System
product: 'Gas Chromatographs: M500/2350A MON2000 700XA/1500XA 370XA MON2020'
cves:
cve-2021-4104:
investigated: false
@ -3062,7 +3058,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: CT4404 QCL pMDI Leak Detection Analyzer
product: 'Gas Chromatographs: M500/2350A MON2000 700XA/1500XA 370XA MON2020'
cves:
cve-2021-4104:
investigated: false
@ -3091,7 +3087,9 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: CT4000 QCL Marine OEM Gas Analyzer
product: 'Gas Detection: Millennium II Basic Single & Dual Channel 928 Wireless
Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle
Monitor'
cves:
cve-2021-4104:
investigated: false
@ -3120,7 +3118,9 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: CT3000 QCL Automotive OEM Gas Analyzer
product: 'Gas Detection: Millennium II Basic Single & Dual Channel 928 Wireless
Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle
Monitor'
cves:
cve-2021-4104:
investigated: false
@ -3149,7 +3149,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 3051 & 3051S Pressure transmitter families
product: Incus Ultrasonic gas leak detector
cves:
cve-2021-4104:
investigated: false
@ -3178,7 +3178,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 2051 Pressure Transmitter Family
product: K-Series Coriolis Transmitters
cves:
cve-2021-4104:
investigated: false
@ -3207,7 +3207,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 4088 Pressure Transmitter
product: K-Series Coriolis Transmitters
cves:
cve-2021-4104:
investigated: false
@ -3236,7 +3236,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 2088 Pressure Transmitter Family
product: 'Liquid Transmitters: 5081 1066 1056 1057 56'
cves:
cve-2021-4104:
investigated: false
@ -3265,7 +3265,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 2090F/2090P Pressure Transmitters
product: Mark III Gas and Liquid USM
cves:
cve-2021-4104:
investigated: false
@ -3294,7 +3294,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 4600 Pressure Transmitter
product: Mark III Gas and Liquid USM
cves:
cve-2021-4104:
investigated: false
@ -3323,7 +3323,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 215 Pressure Sensor Module
product: MPFM2600 & MPFM5726
cves:
cve-2021-4104:
investigated: false
@ -3352,7 +3352,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 550 PT Pressure Transmitter
product: MPFM2600 & MPFM5726
cves:
cve-2021-4104:
investigated: false
@ -3381,7 +3381,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 326P Pressure Transmitter
product: Plantweb Advisor for Metrology and Metering Suite SDK
cves:
cve-2021-4104:
investigated: false
@ -3410,7 +3410,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 3144P Temperature Transmitter
product: Plantweb Advisor for Metrology and Metering Suite SDK
cves:
cve-2021-4104:
investigated: false
@ -3439,7 +3439,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 644 Temperature Transmitter
product: Prolink Configuration Software
cves:
cve-2021-4104:
investigated: false
@ -3468,7 +3468,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 848T Temperature Transmitter
product: Prolink Configuration Software
cves:
cve-2021-4104:
investigated: false
@ -3497,7 +3497,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 148 Temperature Transmitter
product: Prolink Mobile Application & ProcessViz Software
cves:
cve-2021-4104:
investigated: false
@ -3526,7 +3526,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 248 Temperature Transmitter
product: Prolink Mobile Application & ProcessViz Software
cves:
cve-2021-4104:
investigated: false
@ -3555,7 +3555,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 326T Temperature Transmitter
product: Rosemount 2230 Graphical Field Display
cves:
cve-2021-4104:
investigated: false
@ -3584,7 +3584,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 327T Temperature Transmitter
product: Rosemount 2240S Multi-input Temperature Transmitter
cves:
cve-2021-4104:
investigated: false
@ -3613,7 +3613,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 648 Temperature Transmitter
product: Rosemount 2410 Tank Hub
cves:
cve-2021-4104:
investigated: false
@ -3642,7 +3642,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 4088 Upgrade Utility
product: Rosemount 2460 System Hub
cves:
cve-2021-4104:
investigated: false
@ -3671,7 +3671,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Engineering Assistant 5.x & 6.x
product: Rosemount 3490 Controller
cves:
cve-2021-4104:
investigated: false
@ -3700,7 +3700,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: 248 Configuration Application
product: Rosemount CMS/IOU 61
cves:
cve-2021-4104:
investigated: false
@ -3729,7 +3729,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Rosemount IO-Link Assistant
product: Rosemount CMS/SCU 51/SCC
cves:
cve-2021-4104:
investigated: false
@ -3758,7 +3758,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Rosemount TankMaster and TankMaster Mobile
product: Rosemount CMS/WSU 51/SWF 51
cves:
cve-2021-4104:
investigated: false
@ -3787,7 +3787,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Rosemount RadarMaster and RadarMaster Plus
product: Rosemount IO-Link Assistant
cves:
cve-2021-4104:
investigated: false
@ -3816,7 +3816,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Rosemount Radar Configuration Tool
product: Rosemount Level Detectors (21xx)
cves:
cve-2021-4104:
investigated: false
@ -3845,7 +3845,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Rosemount 2460 System Hub
product: Rosemount Level Transmitters (14xx 33xx 53xx 54xx 56xx)
cves:
cve-2021-4104:
investigated: false
@ -3874,7 +3874,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Rosemount 2410 Tank Hub
product: Rosemount Radar Configuration Tool
cves:
cve-2021-4104:
investigated: false
@ -3903,7 +3903,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Rosemount 3490 Controller
product: Rosemount Radar Level Gauges (Pro 39xx 59xx)
cves:
cve-2021-4104:
investigated: false
@ -3932,7 +3932,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Rosemount 2230 Graphical Field Display
product: Rosemount RadarMaster and RadarMaster Plus
cves:
cve-2021-4104:
investigated: false
@ -3961,7 +3961,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Rosemount 2240S Multi-input Temperature Transmitter
product: Rosemount Tank Radar Gauges (TGUxx)
cves:
cve-2021-4104:
investigated: false
@ -3990,7 +3990,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Rosemount CMS/SCU 51/SCC
product: Rosemount TankMaster and TankMaster Mobile
cves:
cve-2021-4104:
investigated: false
@ -4019,7 +4019,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Rosemount CMS/WSU 51/SWF 51
product: Spectrex family Flame Detectors and Rosemount 975 flame detector
cves:
cve-2021-4104:
investigated: false
@ -4048,7 +4048,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Rosemount CMS/IOU 61
product: USM 3410 and 3810 Series Ultrasonic Transmitters
cves:
cve-2021-4104:
investigated: false
@ -4077,7 +4077,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Rosemount Level Transmitters (14xx 33xx 53xx 54xx 56xx)
product: USM 3410 and 3810 Series Ultrasonic Transmitters
cves:
cve-2021-4104:
investigated: false
@ -4106,7 +4106,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Rosemount Radar Level Gauges (Pro 39xx 59xx)
product: Vortex and Magmeter Transmitters
cves:
cve-2021-4104:
investigated: false
@ -4135,7 +4135,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Rosemount Tank Radar Gauges (TGUxx)
product: Vortex and Magmeter Transmitters
cves:
cve-2021-4104:
investigated: false
@ -4164,7 +4164,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Rosemount Level Detectors (21xx)
product: WCM SWGM
cves:
cve-2021-4104:
investigated: false
@ -4193,7 +4193,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Emerson
product: Emerson Aperio software
product: WCM SWGM
cves:
cve-2021-4104:
investigated: false

48
data/cisagov_F.yml
Unescape View File

@ -243,7 +243,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: Traffix SDC
product: NGINX App Protect
cves:
cve-2021-4104:
investigated: false
@ -252,11 +252,10 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 5.x (5.2.0 CF1
- 5.1.0 CF-30 - 5.1.0 CF-33)
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- 3.x
cve-2021-45046:
investigated: false
affected_versions: []
@ -269,13 +268,12 @@ software:
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: 'Vulnerable components: EMS-ELK components (Fluentd + Elastic Search +
Kibana), Element Management System'
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Plus
product: NGINX Controller
cves:
cve-2021-4104:
investigated: false
@ -287,7 +285,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- R19 - R25
- 3.x
cve-2021-45046:
investigated: false
affected_versions: []
@ -305,7 +303,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Open Source
product: NGINX Ingress Controller
cves:
cve-2021-4104:
investigated: false
@ -317,7 +315,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.x
- 1.x - 2.x
cve-2021-45046:
investigated: false
affected_versions: []
@ -335,7 +333,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Unit
product: NGINX Instance Manager
cves:
cve-2021-4104:
investigated: false
@ -365,7 +363,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX App Protect
product: NGINX Open Source
cves:
cve-2021-4104:
investigated: false
@ -377,7 +375,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.x
- 1.x
cve-2021-45046:
investigated: false
affected_versions: []
@ -395,7 +393,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Controller
product: NGINX Plus
cves:
cve-2021-4104:
investigated: false
@ -407,7 +405,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.x
- R19 - R25
cve-2021-45046:
investigated: false
affected_versions: []
@ -425,7 +423,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Ingress Controller
product: NGINX Service Mesh
cves:
cve-2021-4104:
investigated: false
@ -437,7 +435,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.x - 2.x
- 1.x
cve-2021-45046:
investigated: false
affected_versions: []
@ -455,7 +453,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Instance Manager
product: NGINX Unit
cves:
cve-2021-4104:
investigated: false
@ -485,7 +483,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Service Mesh
product: Traffix SDC
cves:
cve-2021-4104:
investigated: false
@ -494,10 +492,11 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
affected_versions:
- 5.x (5.2.0 CF1
- 5.1.0 CF-30 - 5.1.0 CF-33)
fixed_versions: []
unaffected_versions:
- 1.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -510,7 +509,8 @@ software:
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
notes: 'Vulnerable components: EMS-ELK components (Fluentd + Elastic Search +
Kibana), Element Management System'
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'

141
data/cisagov_G.yml
Unescape View File

@ -65,7 +65,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: GE Gas Power
product: Baseline Security Center (BSC)
product: Asset Performance Management (APM)
cves:
cve-2021-4104:
investigated: false
@ -89,13 +89,12 @@ software:
unaffected_versions: []
vendor_links:
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf
notes: Vulnerability to be fixed by vendor provided workaround. No user actions
necessary. Contact GE for details.
notes: GE verifying workaround.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: GE Gas Power
product: Baseline Security Center (BSC) 2.0
product: Baseline Security Center (BSC)
cves:
cve-2021-4104:
investigated: false
@ -120,12 +119,12 @@ software:
vendor_links:
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf
notes: Vulnerability to be fixed by vendor provided workaround. No user actions
necessary. Contact GE for details
necessary. Contact GE for details.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: GE Gas Power
product: Asset Performance Management (APM)
product: Baseline Security Center (BSC) 2.0
cves:
cve-2021-4104:
investigated: false
@ -149,7 +148,8 @@ software:
unaffected_versions: []
vendor_links:
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf
notes: GE verifying workaround.
notes: Vulnerability to be fixed by vendor provided workaround. No user actions
necessary. Contact GE for details
references:
- ''
last_updated: '2021-12-22T00:00:00'
@ -536,7 +536,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: GoAnywhere
product: MFT
product: Gateway
cves:
cve-2021-4104:
investigated: false
@ -546,7 +546,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- < 6.8.6
- < 2.8.4
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -566,7 +566,7 @@ software:
- ''
last_updated: '2021-12-18T00:00:00'
- vendor: GoAnywhere
product: Gateway
product: MFT
cves:
cve-2021-4104:
investigated: false
@ -576,7 +576,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- < 2.8.4
- < 6.8.6
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -679,12 +679,13 @@ software:
unaffected_versions: []
vendor_links:
- https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html
notes: Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability.
notes: Chrome Browser releases, infrastructure and admin console are not using
versions of Log4j affected by the vulnerability.
references:
- ''
last_updated: '2022-01-14'
- vendor: Google Cloud
product: AI Platform Data Labeling
product: Access Transparency
cves:
cve-2021-4104:
investigated: false
@ -714,7 +715,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: AI Platform Neural Architecture Search (NAS)
product: Actifio
cves:
cve-2021-4104:
investigated: false
@ -738,13 +739,15 @@ software:
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and
has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com)
for the full statement and to obtain the hotfix (available to Actifio customers
only).
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: AI Platform Training and Prediction
product: AI Platform Data Labeling
cves:
cve-2021-4104:
investigated: false
@ -774,7 +777,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Access Transparency
product: AI Platform Neural Architecture Search (NAS)
cves:
cve-2021-4104:
investigated: false
@ -804,7 +807,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Actifio
product: AI Platform Training and Prediction
cves:
cve-2021-4104:
investigated: false
@ -828,10 +831,8 @@ software:
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and
has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com)
for the full statement and to obtain the hotfix (available to Actifio customers
only).
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-21T00:00:00'
@ -989,7 +990,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Anthos Premium Software
product: Anthos on VMWare
cves:
cve-2021-4104:
investigated: false
@ -1014,12 +1015,16 @@ software:
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check
VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds
to their VMware products as they become available. We also recommend customers
review their respective applications and workloads affected by the same vulnerabilities
and apply appropriate patches.
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Anthos Service Mesh
product: Anthos Premium Software
cves:
cve-2021-4104:
investigated: false
@ -1049,7 +1054,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Anthos on VMWare
product: Anthos Service Mesh
cves:
cve-2021-4104:
investigated: false
@ -1074,11 +1079,7 @@ software:
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check
VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds
to their VMware products as they become available. We also recommend customers
review their respective applications and workloads affected by the same vulnerabilities
and apply appropriate patches.
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-21T00:00:00'
@ -1793,7 +1794,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud DNS
product: Cloud Data Loss Prevention
cves:
cve-2021-4104:
investigated: false
@ -1821,9 +1822,9 @@ software:
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-20T00:00:00'
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Data Loss Prevention
product: Cloud Debugger
cves:
cve-2021-4104:
investigated: false
@ -1853,7 +1854,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Debugger
product: Cloud Deployment Manager
cves:
cve-2021-4104:
investigated: false
@ -1883,7 +1884,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Deployment Manager
product: Cloud DNS
cves:
cve-2021-4104:
investigated: false
@ -1911,7 +1912,7 @@ software:
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-21T00:00:00'
last_updated: '2021-12-20T00:00:00'
- vendor: Google Cloud
product: Cloud Endpoints
cves:
@ -2036,7 +2037,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Intrusion Detection System (IDS)
product: Cloud Interconnect
cves:
cve-2021-4104:
investigated: false
@ -2066,7 +2067,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Interconnect
product: Cloud Intrusion Detection System (IDS)
cves:
cve-2021-4104:
investigated: false
@ -2186,7 +2187,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Network Address Translation (NAT)
product: Cloud Natural Language API
cves:
cve-2021-4104:
investigated: false
@ -2214,9 +2215,9 @@ software:
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-20T00:00:00'
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Natural Language API
product: Cloud Network Address Translation (NAT)
cves:
cve-2021-4104:
investigated: false
@ -2244,7 +2245,7 @@ software:
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-21T00:00:00'
last_updated: '2021-12-20T00:00:00'
- vendor: Google Cloud
product: Cloud Profiler
cves:
@ -2372,7 +2373,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud SDK
product: Cloud Scheduler
cves:
cve-2021-4104:
investigated: false
@ -2402,7 +2403,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud SQL
product: Cloud SDK
cves:
cve-2021-4104:
investigated: false
@ -2430,9 +2431,9 @@ software:
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-19T00:00:00'
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Scheduler
product: Cloud Shell
cves:
cve-2021-4104:
investigated: false
@ -2457,12 +2458,15 @@ software:
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
logging solution that uses Log4j 2. We strongly encourage customers who manage
Cloud Shell environments to identify components dependent on Log4j 2 and update
them to the latest version.
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Shell
product: Cloud Source Repositories
cves:
cve-2021-4104:
investigated: false
@ -2487,15 +2491,12 @@ software:
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
logging solution that uses Log4j 2. We strongly encourage customers who manage
Cloud Shell environments to identify components dependent on Log4j 2 and update
them to the latest version.
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Source Repositories
product: Cloud Spanner
cves:
cve-2021-4104:
investigated: false
@ -2523,9 +2524,9 @@ software:
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-21T00:00:00'
last_updated: '2021-12-19T00:00:00'
- vendor: Google Cloud
product: Cloud Spanner
product: Cloud SQL
cves:
cve-2021-4104:
investigated: false
@ -2705,7 +2706,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud VPN
product: Cloud Vision
cves:
cve-2021-4104:
investigated: false
@ -2733,9 +2734,9 @@ software:
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-20T00:00:00'
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Vision
product: Cloud Vision OCR On-Prem
cves:
cve-2021-4104:
investigated: false
@ -2765,7 +2766,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Vision OCR On-Prem
product: Cloud VPN
cves:
cve-2021-4104:
investigated: false
@ -2793,7 +2794,7 @@ software:
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-21T00:00:00'
last_updated: '2021-12-20T00:00:00'
- vendor: Google Cloud
product: CompilerWorks
cves:
@ -4866,7 +4867,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Gravitee
product: API Management
product: Alert Engine
cves:
cve-2021-4104:
investigated: false
@ -4878,7 +4879,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.10.x
- 1.5.x
cve-2021-45046:
investigated: false
affected_versions: []
@ -4896,7 +4897,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Gravitee
product: API Management
product: Alert Engine
cves:
cve-2021-4104:
investigated: false
@ -4908,7 +4909,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.5.x
- 1.4.x
cve-2021-45046:
investigated: false
affected_versions: []
@ -4926,7 +4927,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Gravitee
product: Alert Engine
product: API Management
cves:
cve-2021-4104:
investigated: false
@ -4938,7 +4939,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.5.x
- 3.10.x
cve-2021-45046:
investigated: false
affected_versions: []
@ -4956,7 +4957,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Gravitee
product: Alert Engine
product: API Management
cves:
cve-2021-4104:
investigated: false
@ -4968,7 +4969,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.4.x
- 3.5.x
cve-2021-45046:
investigated: false
affected_versions: []

942
data/cisagov_H.yml
View File

File diff suppressed because it is too large Load Diff

422
data/cisagov_I.yml
View File

File diff suppressed because it is too large Load Diff

204
data/cisagov_J.yml
Unescape View File

@ -209,9 +209,8 @@ software:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: JetBrains
product: IntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand,
IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu,
Rider, RubyMine, WebStorm)
product: All .NET tools (ReSharper, Rider, ReSharper C++, dotTrace, dotMemory,
dotCover, dotPeek)
cves:
cve-2021-4104:
investigated: false
@ -240,9 +239,8 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: JetBrains
product: All .NET tools (ReSharper, Rider, ReSharper C++, dotTrace, dotMemory,
dotCover, dotPeek)
- vendor: Jetbrains
product: Code With Me
cves:
cve-2021-4104:
investigated: false
@ -252,9 +250,9 @@ software:
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
fixed_versions:
- Unknown
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -272,7 +270,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: JetBrains
product: ToolBox
product: Datalore
cves:
cve-2021-4104:
investigated: false
@ -302,7 +300,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: JetBrains
product: TeamCity
product: Floating license server
cves:
cve-2021-4104:
investigated: false
@ -312,9 +310,9 @@ software:
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- Unknown
fixed_versions:
- '30211'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -326,13 +324,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://youtrack.jetbrains.com/issue/TW-74298
- https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: JetBrains
product: Hub
product: Gateway
cves:
cve-2021-4104:
investigated: false
@ -342,9 +340,9 @@ software:
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 2021.1.14080
unaffected_versions: []
fixed_versions: []
unaffected_versions:
- Unknown
cve-2021-45046:
investigated: false
affected_versions: []
@ -356,13 +354,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.jetbrains.com/hub/2021/12/14/hub-update-regarding-log4j2-vulnerability/
- https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: JetBrains
product: YouTrack Standalone
product: Hub
cves:
cve-2021-4104:
investigated: false
@ -373,7 +371,7 @@ software:
investigated: true
affected_versions: []
fixed_versions:
- 2021.4.35970
- 2021.1.14080
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -386,13 +384,15 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.jetbrains.com/youtrack/2021/12/youtrack-update-regarding-log4j2-vulnerability/
- https://blog.jetbrains.com/hub/2021/12/14/hub-update-regarding-log4j2-vulnerability/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: JetBrains
product: YouTrack InCloud
product: IntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand,
IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu,
Rider, RubyMine, WebStorm)
cves:
cve-2021-4104:
investigated: false
@ -402,9 +402,9 @@ software:
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
fixed_versions: []
unaffected_versions:
- Unknown
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -422,7 +422,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: JetBrains
product: Datalore
product: Kotlin
cves:
cve-2021-4104:
investigated: false
@ -452,7 +452,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: JetBrains
product: Space
product: Ktor
cves:
cve-2021-4104:
investigated: false
@ -481,8 +481,8 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Jetbrains
product: Code With Me
- vendor: JetBrains
product: MPS
cves:
cve-2021-4104:
investigated: false
@ -492,9 +492,9 @@ software:
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
fixed_versions: []
unaffected_versions:
- Unknown
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -512,7 +512,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: JetBrains
product: Gateway
product: Space
cves:
cve-2021-4104:
investigated: false
@ -542,7 +542,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: JetBrains
product: Kotlin
product: TeamCity
cves:
cve-2021-4104:
investigated: false
@ -566,13 +566,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/
- https://youtrack.jetbrains.com/issue/TW-74298
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: JetBrains
product: Ktor
product: ToolBox
cves:
cve-2021-4104:
investigated: false
@ -602,7 +602,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: JetBrains
product: MPS
product: UpSource
cves:
cve-2021-4104:
investigated: false
@ -612,9 +612,9 @@ software:
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- Unknown
fixed_versions:
- 2020.1.1952
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -632,7 +632,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: JetBrains
product: Floating license server
product: YouTrack InCloud
cves:
cve-2021-4104:
investigated: false
@ -643,7 +643,7 @@ software:
investigated: true
affected_versions: []
fixed_versions:
- '30211'
- Unknown
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -662,7 +662,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: JetBrains
product: UpSource
product: YouTrack Standalone
cves:
cve-2021-4104:
investigated: false
@ -673,7 +673,7 @@ software:
investigated: true
affected_versions: []
fixed_versions:
- 2020.1.1952
- 2021.4.35970
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -686,7 +686,7 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/
- https://blog.jetbrains.com/youtrack/2021/12/youtrack-update-regarding-log4j2-vulnerability/
notes: ''
references:
- ''
@ -778,8 +778,8 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: jPOS
product: (ISO-8583) bridge
- vendor: Johnson Controls
product: BCPro
cves:
cve-2021-4104:
investigated: false
@ -791,7 +791,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- Unknown
- All versions
cve-2021-45046:
investigated: false
affected_versions: []
@ -803,13 +803,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://github.com/jpos/jPOS/commit/d615199a1bdd35c35d63c07c10fd0bdbbc96f625
- https://www.johnsoncontrols.com/cyber-solutions/security-advisories
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: C•CURE‐9000
product: CEM AC2000
cves:
cve-2021-4104:
investigated: false
@ -821,7 +821,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 2.90.x (all 2.90 versions)
- All versions
cve-2021-45046:
investigated: false
affected_versions: []
@ -839,7 +839,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: C•CURE‐9000
product: CEM Hardware Products
cves:
cve-2021-4104:
investigated: false
@ -851,7 +851,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 2.80.x (all 2.80 versions)
- All versions
cve-2021-45046:
investigated: false
affected_versions: []
@ -869,7 +869,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: C•CURE‐9000
product: CloudVue Gateway
cves:
cve-2021-4104:
investigated: false
@ -881,7 +881,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 2.70 (All versions)
- All versions
cve-2021-45046:
investigated: false
affected_versions: []
@ -899,7 +899,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: C•CURE‐9000
product: CloudVue Web
cves:
cve-2021-4104:
investigated: false
@ -911,7 +911,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 2.60 (All versions)
- All versions
cve-2021-45046:
investigated: false
affected_versions: []
@ -929,7 +929,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: victor
product: C•CURE‐9000
cves:
cve-2021-4104:
investigated: false
@ -941,7 +941,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 5.x
- 2.90.x (all 2.90 versions)
cve-2021-45046:
investigated: false
affected_versions: []
@ -959,7 +959,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: victor/ C•CURE‐9000 Unified
product: C•CURE‐9000
cves:
cve-2021-4104:
investigated: false
@ -971,7 +971,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.81.x / victor 5.4.1 / C•CURE‐9000 2.80
- 2.80.x (all 2.80 versions)
cve-2021-45046:
investigated: false
affected_versions: []
@ -989,7 +989,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: victor/ C•CURE‐9000 Unified
product: C•CURE‐9000
cves:
cve-2021-4104:
investigated: false
@ -1001,7 +1001,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.91.x / victor 5.6.1 / C•CURE‐9000 2.90
- 2.70 (All versions)
cve-2021-45046:
investigated: false
affected_versions: []
@ -1019,7 +1019,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: Metasys Products and Tools
product: C•CURE‐9000
cves:
cve-2021-4104:
investigated: false
@ -1031,7 +1031,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- All versions
- 2.60 (All versions)
cve-2021-45046:
investigated: false
affected_versions: []
@ -1049,7 +1049,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: Facility Explorer
product: DLS
cves:
cve-2021-4104:
investigated: false
@ -1061,7 +1061,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 14.x
- All versions
cve-2021-45046:
investigated: false
affected_versions: []
@ -1079,7 +1079,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: CEM AC2000
product: Entrapass
cves:
cve-2021-4104:
investigated: false
@ -1109,7 +1109,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: CEM Hardware Products
product: exacqVision Client
cves:
cve-2021-4104:
investigated: false
@ -1139,7 +1139,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: Illustra Cameras
product: exacqVision Server
cves:
cve-2021-4104:
investigated: false
@ -1169,7 +1169,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: Illustra Insight
product: exacqVision WebService
cves:
cve-2021-4104:
investigated: false
@ -1199,7 +1199,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: Tyco AI
product: Facility Explorer
cves:
cve-2021-4104:
investigated: false
@ -1211,7 +1211,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- All versions
- 14.x
cve-2021-45046:
investigated: false
affected_versions: []
@ -1229,7 +1229,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: DLS
product: Illustra Cameras
cves:
cve-2021-4104:
investigated: false
@ -1259,7 +1259,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: Entrapass
product: Illustra Insight
cves:
cve-2021-4104:
investigated: false
@ -1289,7 +1289,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: CloudVue Web
product: iSTAR
cves:
cve-2021-4104:
investigated: false
@ -1319,7 +1319,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: CloudVue Gateway
product: Metasys Products and Tools
cves:
cve-2021-4104:
investigated: false
@ -1349,7 +1349,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: Qolsys IQ Panels
product: PowerSeries NEO
cves:
cve-2021-4104:
investigated: false
@ -1379,7 +1379,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: PowerSeries NEO
product: PowerSeries Pro
cves:
cve-2021-4104:
investigated: false
@ -1409,7 +1409,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: PowerSeries Pro
product: Qolsys IQ Panels
cves:
cve-2021-4104:
investigated: false
@ -1469,7 +1469,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: VideoEdge
product: Tyco AI
cves:
cve-2021-4104:
investigated: false
@ -1481,7 +1481,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 5.x
- All versions
cve-2021-45046:
investigated: false
affected_versions: []
@ -1499,7 +1499,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: exacqVision Server
product: victor
cves:
cve-2021-4104:
investigated: false
@ -1511,7 +1511,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- All versions
- 5.x
cve-2021-45046:
investigated: false
affected_versions: []
@ -1529,7 +1529,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: exacqVision Client
product: victor/ C•CURE‐9000 Unified
cves:
cve-2021-4104:
investigated: false
@ -1541,7 +1541,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- All versions
- 3.81.x / victor 5.4.1 / C•CURE‐9000 2.80
cve-2021-45046:
investigated: false
affected_versions: []
@ -1559,7 +1559,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: exacqVision WebService
product: victor/ C•CURE‐9000 Unified
cves:
cve-2021-4104:
investigated: false
@ -1571,7 +1571,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- All versions
- 3.91.x / victor 5.6.1 / C•CURE‐9000 2.90
cve-2021-45046:
investigated: false
affected_versions: []
@ -1589,7 +1589,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: BCPro
product: VideoEdge
cves:
cve-2021-4104:
investigated: false
@ -1601,7 +1601,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- All versions
- 5.x
cve-2021-45046:
investigated: false
affected_versions: []
@ -1618,8 +1618,8 @@ software:
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Johnson Controls
product: iSTAR
- vendor: Journyx
product: ''
cves:
cve-2021-4104:
investigated: false
@ -1627,11 +1627,10 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions:
- All versions
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -1643,13 +1642,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.johnsoncontrols.com/cyber-solutions/security-advisories
- https://community.journyx.com/support/solutions/articles/9000209044-apache-log4j-2-vulnerability-cve-2021-44228-
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Journyx
product: ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: jPOS
product: (ISO-8583) bridge
cves:
cve-2021-4104:
investigated: false
@ -1657,10 +1656,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- Unknown
cve-2021-45046:
investigated: false
affected_versions: []
@ -1672,7 +1672,7 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.journyx.com/support/solutions/articles/9000209044-apache-log4j-2-vulnerability-cve-2021-44228-
- https://github.com/jpos/jPOS/commit/d615199a1bdd35c35d63c07c10fd0bdbbc96f625
notes: ''
references:
- ''

12
data/cisagov_L.yml
Unescape View File

@ -614,7 +614,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-ADVANCE
product: BOND Controller
cves:
cve-2021-4104:
investigated: false
@ -643,7 +643,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND Controller
product: BOND RX
cves:
cve-2021-4104:
investigated: false
@ -672,7 +672,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-III
product: BOND RXm
cves:
cve-2021-4104:
investigated: false
@ -701,7 +701,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-MAX
product: BOND-ADVANCE
cves:
cve-2021-4104:
investigated: false
@ -730,7 +730,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND RX
product: BOND-III
cves:
cve-2021-4104:
investigated: false
@ -759,7 +759,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND RXm
product: BOND-MAX
cves:
cve-2021-4104:
investigated: false

214
data/cisagov_M.yml
Unescape View File

@ -63,7 +63,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: ManageEngine
product: Servicedesk Plus
product: AD SelfService Plus
cves:
cve-2021-4104:
investigated: false
@ -72,10 +72,10 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '11305 and below'
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- Build 6.1 build 6114
cve-2021-45046:
investigated: false
affected_versions: []
@ -86,14 +86,13 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.manageengine.com/products/service-desk/security-response-plan.html
vendor_links: []
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
last_updated: '2021-12-27T00:00:00'
- vendor: ManageEngine
product: AD SelfService Plus
product: Servicedesk Plus
cves:
cve-2021-4104:
investigated: false
@ -102,10 +101,10 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
affected_versions:
- 11305 and below
fixed_versions: []
unaffected_versions:
- 'Build 6.1 build 6114'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -116,11 +115,12 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
vendor_links:
- https://www.manageengine.com/products/service-desk/security-response-plan.html
notes: ''
references:
- ''
last_updated: '2021-12-27T00:00:00'
last_updated: '2021-12-15T00:00:00'
- vendor: ManageEngine Zoho
product: ''
cves:
@ -151,7 +151,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: ManageEngine Zoho
product: ADManager Plus
product: ADAudit Plus
cves:
cve-2021-4104:
investigated: false
@ -180,7 +180,7 @@ software:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho
product: ADAudit Plus
product: ADManager Plus
cves:
cve-2021-4104:
investigated: false
@ -209,7 +209,7 @@ software:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho
product: DataSecurity Plus
product: Analytics Plus
cves:
cve-2021-4104:
investigated: false
@ -238,7 +238,7 @@ software:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho
product: EventLog Analyzer
product: Cloud Security Plus
cves:
cve-2021-4104:
investigated: false
@ -267,7 +267,7 @@ software:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho
product: M365 Manager Plus
product: DataSecurity Plus
cves:
cve-2021-4104:
investigated: false
@ -296,7 +296,7 @@ software:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho
product: RecoveryManager Plus
product: EventLog Analyzer
cves:
cve-2021-4104:
investigated: false
@ -412,7 +412,7 @@ software:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho
product: Cloud Security Plus
product: M365 Manager Plus
cves:
cve-2021-4104:
investigated: false
@ -470,7 +470,7 @@ software:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho
product: Analytics Plus
product: RecoveryManager Plus
cves:
cve-2021-4104:
investigated: false
@ -569,7 +569,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45046:
investigated: false
affected_versions: []
@ -598,7 +598,7 @@ software:
investigated: true
affected_versions: []
fixed_versions:
- '1.59.10+'
- 1.59.10+
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -927,7 +927,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: ePolicy Orchestrator Application Server (ePO)
product: Enterprise Security Manager (ESM)
cves:
cve-2021-4104:
investigated: false
@ -938,7 +938,7 @@ software:
investigated: true
affected_versions: []
fixed_versions:
- '5.10 CU11'
- 11.5.3
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -985,7 +985,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: Host Intrusion Prevention (Host IPS)
product: ePolicy Orchestrator Application Server (ePO)
cves:
cve-2021-4104:
investigated: false
@ -993,9 +993,10 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
fixed_versions:
- 5.10 CU11
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -1007,13 +1008,14 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
vendor_links:
- https://kc.mcafee.com/agent/index?page=content&id=SB10377
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: Management of Native Encryption (MNE)
product: Host Intrusion Prevention (Host IPS)
cves:
cve-2021-4104:
investigated: false
@ -1041,7 +1043,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Active Response (MAR)
product: Management of Native Encryption (MNE)
cves:
cve-2021-4104:
investigated: false
@ -1069,7 +1071,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Agent (MA)
product: McAfee Active Response (MAR)
cves:
cve-2021-4104:
investigated: false
@ -1097,7 +1099,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Application and Change Control (MACC) for Linux
product: McAfee Agent (MA)
cves:
cve-2021-4104:
investigated: false
@ -1125,7 +1127,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Application and Change Control (MACC) for Windows
product: McAfee Application and Change Control (MACC) for Linux
cves:
cve-2021-4104:
investigated: false
@ -1153,7 +1155,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Client Proxy (MCP) for Mac
product: McAfee Application and Change Control (MACC) for Windows
cves:
cve-2021-4104:
investigated: false
@ -1181,7 +1183,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Client Proxy (MCP) for Windows
product: McAfee Client Proxy (MCP) for Mac
cves:
cve-2021-4104:
investigated: false
@ -1209,7 +1211,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Drive Encryption (MDE)
product: McAfee Client Proxy (MCP) for Windows
cves:
cve-2021-4104:
investigated: false
@ -1237,7 +1239,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Security for Microsoft Exchange (MSME)
product: McAfee Drive Encryption (MDE)
cves:
cve-2021-4104:
investigated: false
@ -1265,7 +1267,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Security for Microsoft SharePoint (MSMS)
product: McAfee Security for Microsoft Exchange (MSME)
cves:
cve-2021-4104:
investigated: false
@ -1321,7 +1323,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: Enterprise Security Manager (ESM)
product: McAfee Security for Microsoft SharePoint (MSMS)
cves:
cve-2021-4104:
investigated: false
@ -1329,10 +1331,9 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
investigated: false
affected_versions: []
fixed_versions:
- '11.5.3'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -1344,8 +1345,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://kc.mcafee.com/agent/index?page=content&id=SB10377
vendor_links: []
notes: ''
references:
- ''
@ -1637,8 +1637,8 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Microsoft
product: Azure Application Gateway
- vendor: Micro Focus
product: Data Protector
cves:
cve-2021-4104:
investigated: false
@ -1646,9 +1646,19 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
fixed_versions:
- '10.20'
- '10.30'
- '10.40'
- '10.50'
- '10.60'
- '10.70'
- '10.80'
- '10.90'
- '10.91'
- '11.00'
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -1661,11 +1671,11 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
- https://portal.microfocus.com/s/article/KM000003052
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)'
last_updated: '2021-12-13T00:00:00'
- vendor: Microsoft
product: Azure API Gateway
cves:
@ -1696,7 +1706,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Microsoft
product: Azure Data lake store java
product: Azure Application Gateway
cves:
cve-2021-4104:
investigated: false
@ -1704,9 +1714,8 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '< 2.3.10'
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -1720,7 +1729,7 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310
- https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
notes: ''
references:
- ''
@ -1736,7 +1745,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- '< 2.3.10'
- < 2.3.10
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -1756,7 +1765,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Microsoft
product: Azure DevOps Server
product: Azure Data lake store java
cves:
cve-2021-4104:
investigated: false
@ -1766,7 +1775,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- '2019.0 - 2020.1'
- < 2.3.10
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -1780,7 +1789,7 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511
- https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310
notes: ''
references:
- ''
@ -1815,7 +1824,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Microsoft
product: Azure Traffic Manager
product: Azure DevOps Server
cves:
cve-2021-4104:
investigated: false
@ -1823,8 +1832,9 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
investigated: true
affected_versions:
- 2019.0 - 2020.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -1838,13 +1848,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
- https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Microsoft
product: Team Foundation Server
product: Azure Traffic Manager
cves:
cve-2021-4104:
investigated: false
@ -1852,9 +1862,8 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '2018.2+'
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -1868,13 +1877,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511
- https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Microstrategy
product: ''
- vendor: Microsoft
product: Team Foundation Server
cves:
cve-2021-4104:
investigated: false
@ -1882,8 +1891,9 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
investigated: true
affected_versions:
- 2018.2+
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -1897,13 +1907,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.microstrategy.com/s/article/MicroStrategy-s-response-to-CVE-2021-44228-The-Log4j-0-Day-Vulnerability?language=en_US
- https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Micro Focus
product: Data Protector
- vendor: Microstrategy
product: ''
cves:
cve-2021-4104:
investigated: false
@ -1911,19 +1921,9 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
investigated: false
affected_versions: []
fixed_versions:
- '10.20'
- '10.30'
- '10.40'
- '10.50'
- '10.60'
- '10.70'
- '10.80'
- '10.90'
- '10.91'
- '11.00'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -1936,11 +1936,11 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://portal.microfocus.com/s/article/KM000003052
- https://community.microstrategy.com/s/article/MicroStrategy-s-response-to-CVE-2021-44228-The-Log4j-0-Day-Vulnerability?language=en_US
notes: ''
references:
- '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)'
last_updated: '2021-12-13T00:00:00'
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Midori Global
product: ''
cves:
@ -2538,7 +2538,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45046:
investigated: ''
affected_versions: []
@ -2551,7 +2551,9 @@ software:
unaffected_versions: []
vendor_links:
- https://www.moxa.com/en/support/product-support/security-advisory/moxa-s-response-regarding-the-apache-log4j-vulnerability
notes: Moxa is investigating to determine if any of our products are affected by this vulnerability. At the time of publication, none of Moxa's products are affected.
notes: Moxa is investigating to determine if any of our products are affected
by this vulnerability. At the time of publication, none of Moxa's products are
affected.
references:
- ''
last_updated: '2022-01-19T00:00:00'
@ -2586,7 +2588,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Mulesoft
product: Mule Runtime
product: Anypoint Studio
cves:
cve-2021-4104:
investigated: false
@ -2596,8 +2598,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- '3.x'
- '4.x'
- 7.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -2618,7 +2619,7 @@ software:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Mulesoft
product: Mule Agent
product: Cloudhub
cves:
cve-2021-4104:
investigated: false
@ -2626,9 +2627,8 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '6.x'
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -2649,7 +2649,7 @@ software:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Mulesoft
product: Cloudhub
product: Mule Agent
cves:
cve-2021-4104:
investigated: false
@ -2657,8 +2657,9 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
investigated: true
affected_versions:
- 6.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -2679,7 +2680,7 @@ software:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Mulesoft
product: Anypoint Studio
product: Mule Runtime
cves:
cve-2021-4104:
investigated: false
@ -2689,7 +2690,8 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- '7.x'
- 3.x
- 4.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:

32
data/cisagov_N.yml
Unescape View File

@ -102,9 +102,9 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- 'Vertica'
- 'Cloudera'
- 'Logstash'
- Vertica
- Cloudera
- Logstash
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -136,7 +136,7 @@ software:
investigated: true
affected_versions:
- '>4.2'
- '<4..2.12'
- <4..2.12
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -282,7 +282,7 @@ software:
investigated: true
affected_versions: []
fixed_versions:
- '3.0.57'
- 3.0.57
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -312,7 +312,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- '<7.4.3'
- <7.4.3
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -374,7 +374,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- '21.04.0.5552'
- 21.04.0.5552
cve-2021-45046:
investigated: false
affected_versions: []
@ -1343,7 +1343,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix
product: Leap
product: LCM
cves:
cve-2021-4104:
investigated: false
@ -1351,10 +1351,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
@ -1367,12 +1368,12 @@ software:
unaffected_versions: []
vendor_links:
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
notes: Saas-Based Procuct. See Advisory.
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix
product: LCM
product: Leap
cves:
cve-2021-4104:
investigated: false
@ -1380,11 +1381,10 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -1397,7 +1397,7 @@ software:
unaffected_versions: []
vendor_links:
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
notes: ''
notes: Saas-Based Procuct. See Advisory.
references:
- ''
last_updated: '2021-12-20T00:00:00'

52
data/cisagov_O.yml
Unescape View File

@ -295,7 +295,7 @@ software:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Okta
product: Okta RADIUS Server Agent
product: Okta On-Prem MFA Agent
cves:
cve-2021-4104:
investigated: false
@ -305,7 +305,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- < 2.17.0
- < 1.4.6
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -319,13 +319,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://trust.okta.com/security-advisories/okta-radius-server-agent-cve-2021-44228
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Okta
product: Okta Verify
product: Okta RADIUS Server Agent
cves:
cve-2021-4104:
investigated: false
@ -333,8 +333,9 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
investigated: true
affected_versions:
- < 2.17.0
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -348,13 +349,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://sec.okta.com/articles/2021/12/log4shell
- https://trust.okta.com/security-advisories/okta-radius-server-agent-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Okta
product: Okta Workflows
product: Okta Verify
cves:
cve-2021-4104:
investigated: false
@ -383,7 +384,7 @@ software:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Okta
product: Okta On-Prem MFA Agent
product: Okta Workflows
cves:
cve-2021-4104:
investigated: false
@ -391,9 +392,8 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 1.4.6
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -407,7 +407,7 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
- https://sec.okta.com/articles/2021/12/log4shell
notes: ''
references:
- ''
@ -587,7 +587,7 @@ software:
- ''
last_updated: '2021-12-23T00:00:00'
- vendor: Opto 22
product: GRV-EPIC-PR1, GRV-EPIC-PR2
product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP
cves:
cve-2021-4104:
investigated: false
@ -597,9 +597,9 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- < 3.3.2
- < 4.3g
fixed_versions:
- 3.3.2
- 4.3g
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -618,7 +618,7 @@ software:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Opto 22
product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP
product: GROOV-AT1, GROOV-AT1-SNAP
cves:
cve-2021-4104:
investigated: false
@ -649,7 +649,7 @@ software:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Opto 22
product: GROOV-AT1, GROOV-AT1-SNAP
product: GROOV-SVR-WIN, GROOV-SVR-WIN-BASE, GROOV-SVR-WIN-SNAP
cves:
cve-2021-4104:
investigated: false
@ -680,7 +680,7 @@ software:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Opto 22
product: GROOV-SVR-WIN, GROOV-SVR-WIN-BASE, GROOV-SVR-WIN-SNAP
product: GRV-EPIC-PR1, GRV-EPIC-PR2
cves:
cve-2021-4104:
investigated: false
@ -690,9 +690,9 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- < 4.3g
- < 3.3.2
fixed_versions:
- 4.3g
- 3.3.2
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -741,7 +741,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Oracle
product: Exadata
product: Enterprise Manager
cves:
cve-2021-4104:
investigated: false
@ -751,7 +751,8 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- <21.3.4
- '13.5'
- 13.4 & 13.3.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -773,7 +774,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Oracle
product: Enterprise Manager
product: Exadata
cves:
cve-2021-4104:
investigated: false
@ -783,8 +784,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- '13.5'
- 13.4 & 13.3.2
- <21.3.4
fixed_versions: []
unaffected_versions: []
cve-2021-45046:

24
data/cisagov_Q.yml
Unescape View File

@ -63,7 +63,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:55+00:00'
- vendor: QMATIC
product: Orchestra Central
product: Appointment Booking
cves:
cve-2021-4104:
investigated: false
@ -72,10 +72,10 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
affected_versions:
- 2.4+
fixed_versions: []
unaffected_versions:
- 6.0+
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -88,7 +88,7 @@ software:
unaffected_versions: []
vendor_links:
- https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
notes: ''
notes: Update to v. 2.8.2 which contains log4j 2.16
references:
- ''
last_updated: '2021-12-21T00:00:00'
@ -103,7 +103,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- 2.4+
- Cloud/Managed Service
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -118,7 +118,7 @@ software:
unaffected_versions: []
vendor_links:
- https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
notes: Update to v. 2.8.2 which contains log4j 2.16
notes: log4j 2.16 applied 2021-12-15
references:
- ''
last_updated: '2021-12-21T00:00:00'
@ -153,7 +153,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: QMATIC
product: Appointment Booking
product: Orchestra Central
cves:
cve-2021-4104:
investigated: false
@ -162,10 +162,10 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Cloud/Managed Service
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- 6.0+
cve-2021-45046:
investigated: false
affected_versions: []
@ -178,7 +178,7 @@ software:
unaffected_versions: []
vendor_links:
- https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
notes: log4j 2.16 applied 2021-12-15
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'

628
data/cisagov_S.yml
View File

File diff suppressed because it is too large Load Diff

303
data/cisagov_T.yml
Unescape View File

@ -5,7 +5,7 @@ owners:
url: https://github.com/cisagov/log4j-affected-db
software:
- vendor: Tableau
product: Tableau Server
product: Tableau Bridge
cves:
cve-2021-4104:
investigated: false
@ -15,19 +15,19 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- 'The following versions and lower: 2021.4'
- 2021.3.4
- 2021.2.5
- 2021.1.8
- 2020.4.11
- 2020.3.14
- 2020.2.19
- 2020.1.22
- 2019.4.25
- 2019.3.26
- 2019.2.29
- 2019.1.29
- 2018.3.29
- 'The following versions and lower: 20214.21.1109.1748'
- 20213.21.1112.1434
- 20212.21.0818.1843
- 20211.21.0617.1133
- 20204.21.0217.1203
- 20203.20.0913.2112
- 20202.20.0721.1350
- 20201.20.0614.2321
- 20194.20.0614.2307
- 20193.20.0614.2306
- 20192.19.0917.1648
- 20191.19.0402.1911
- 20183.19.0115.1143
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -191,7 +191,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Tableau
product: Tableau Bridge
product: Tableau Server
cves:
cve-2021-4104:
investigated: false
@ -201,19 +201,19 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- 'The following versions and lower: 20214.21.1109.1748'
- 20213.21.1112.1434
- 20212.21.0818.1843
- 20211.21.0617.1133
- 20204.21.0217.1203
- 20203.20.0913.2112
- 20202.20.0721.1350
- 20201.20.0614.2321
- 20194.20.0614.2307
- 20193.20.0614.2306
- 20192.19.0917.1648
- 20191.19.0402.1911
- 20183.19.0115.1143
- 'The following versions and lower: 2021.4'
- 2021.3.4
- 2021.2.5
- 2021.1.8
- 2020.4.11
- 2020.3.14
- 2020.2.19
- 2020.1.22
- 2019.4.25
- 2019.3.26
- 2019.2.29
- 2019.1.29
- 2018.3.29
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -557,7 +557,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Thales
product: CipherTrust Application Data Protection (CADP) – CAPI.net & Net Core
product: CADP/SafeNet Protect App (PA) - JCE
cves:
cve-2021-4104:
investigated: false
@ -586,7 +586,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: CipherTrust Cloud Key Manager (CCKM) Embedded
product: CipherTrust Application Data Protection (CADP) – CAPI.net & Net Core
cves:
cve-2021-4104:
investigated: false
@ -615,7 +615,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: CipherTrust Database Protection
product: CipherTrust Batch Data Transformation (BDT) 2.3
cves:
cve-2021-4104:
investigated: false
@ -644,7 +644,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: CipherTrust Manager
product: CipherTrust Cloud Key Manager (CCKM) Appliance
cves:
cve-2021-4104:
investigated: false
@ -673,7 +673,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: CipherTrust Transparent Encryption (CTE/VTE/CTE-U)
product: CipherTrust Cloud Key Manager (CCKM) Embedded
cves:
cve-2021-4104:
investigated: false
@ -702,7 +702,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: CipherTrust Vaultless Tokenization (CTS, CT-VL)
product: CipherTrust Database Protection
cves:
cve-2021-4104:
investigated: false
@ -731,7 +731,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Data Protection on Demand
product: CipherTrust Manager
cves:
cve-2021-4104:
investigated: false
@ -760,7 +760,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Data Security Manager (DSM)
product: CipherTrust Transparent Encryption (CTE/VTE/CTE-U)
cves:
cve-2021-4104:
investigated: false
@ -789,7 +789,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: KeySecure
product: CipherTrust Vaulted Tokenization (CT-V) / SafeNet Tokenization Manager
cves:
cve-2021-4104:
investigated: false
@ -818,7 +818,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Luna EFT
product: CipherTrust Vaultless Tokenization (CTS, CT-VL)
cves:
cve-2021-4104:
investigated: false
@ -847,7 +847,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Luna Network, PCIe, Luna USB HSM and backup devices
product: CipherTrust/SafeNet PDBCTL
cves:
cve-2021-4104:
investigated: false
@ -876,7 +876,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Luna SP
product: Crypto Command Center (CCC)
cves:
cve-2021-4104:
investigated: false
@ -905,7 +905,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: ProtectServer HSMs
product: Data Protection on Demand
cves:
cve-2021-4104:
investigated: false
@ -934,7 +934,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: SafeNet Authentication Client
product: Data Security Manager (DSM)
cves:
cve-2021-4104:
investigated: false
@ -963,7 +963,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: SafeNet IDPrime Virtual
product: KeySecure
cves:
cve-2021-4104:
investigated: false
@ -992,7 +992,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: SafeNet eToken (all products)
product: Luna EFT
cves:
cve-2021-4104:
investigated: false
@ -1021,7 +1021,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: SafeNet IDPrime(all products)
product: Luna Network, PCIe, Luna USB HSM and backup devices
cves:
cve-2021-4104:
investigated: false
@ -1050,7 +1050,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: SafeNet LUKS
product: Luna SP
cves:
cve-2021-4104:
investigated: false
@ -1079,7 +1079,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: SafeNet ProtectApp (PA) CAPI, .Net & Net Core
product: payShield Monitor
cves:
cve-2021-4104:
investigated: false
@ -1108,7 +1108,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: SafeNet ProtectDB (PDB)
product: ProtectServer HSMs
cves:
cve-2021-4104:
investigated: false
@ -1137,7 +1137,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: SafeNet ProtectV
product: SafeNet Authentication Client
cves:
cve-2021-4104:
investigated: false
@ -1166,7 +1166,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Safenet ProtectFile and ProtectFile- Fuse
product: SafeNet eToken (all products)
cves:
cve-2021-4104:
investigated: false
@ -1195,7 +1195,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: SafeNet Transform Utility (TU)
product: SafeNet IDPrime Virtual
cves:
cve-2021-4104:
investigated: false
@ -1224,7 +1224,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: SafeNet Trusted Access (STA)
product: SafeNet IDPrime(all products)
cves:
cve-2021-4104:
investigated: false
@ -1253,7 +1253,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: SafeNet PKCS#11 and TDE
product: SafeNet LUKS
cves:
cve-2021-4104:
investigated: false
@ -1282,7 +1282,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: SafeNet SQL EKM
product: SafeNet PKCS#11 and TDE
cves:
cve-2021-4104:
investigated: false
@ -1311,7 +1311,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: SAS on Prem (SPE/PCE)
product: SafeNet ProtectApp (PA) CAPI, .Net & Net Core
cves:
cve-2021-4104:
investigated: false
@ -1340,7 +1340,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Sentinel EMS Enterprise OnPremise
product: SafeNet ProtectDB (PDB)
cves:
cve-2021-4104:
investigated: false
@ -1369,7 +1369,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Sentinel ESDaaS
product: Safenet ProtectFile and ProtectFile- Fuse
cves:
cve-2021-4104:
investigated: false
@ -1398,7 +1398,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Sentinel Up
product: SafeNet ProtectV
cves:
cve-2021-4104:
investigated: false
@ -1427,7 +1427,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Sentinel RMS
product: SafeNet SQL EKM
cves:
cve-2021-4104:
investigated: false
@ -1456,7 +1456,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Sentinel Connect
product: SafeNet Transform Utility (TU)
cves:
cve-2021-4104:
investigated: false
@ -1485,7 +1485,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Sentinel Superdog, SuperPro, UltraPro, SHK
product: SafeNet Trusted Access (STA)
cves:
cve-2021-4104:
investigated: false
@ -1514,7 +1514,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Sentinel HASP, Legacy dog, Maze, Hardlock
product: SafeNet Vaultless Tokenization
cves:
cve-2021-4104:
investigated: false
@ -1543,7 +1543,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Sentinel Envelope
product: SAS on Prem (SPE/PCE)
cves:
cve-2021-4104:
investigated: false
@ -1572,7 +1572,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Thales payShield 9000
product: Sentinel Connect
cves:
cve-2021-4104:
investigated: false
@ -1601,7 +1601,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Thales payShield 10k
product: Sentinel EMS Enterprise aaS
cves:
cve-2021-4104:
investigated: false
@ -1630,7 +1630,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Thales payShield Manager
product: Sentinel EMS Enterprise OnPremise
cves:
cve-2021-4104:
investigated: false
@ -1659,7 +1659,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Vormetirc Key Manager (VKM)
product: Sentinel Envelope
cves:
cve-2021-4104:
investigated: false
@ -1688,7 +1688,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Vormetric Application Encryption (VAE)
product: Sentinel ESDaaS
cves:
cve-2021-4104:
investigated: false
@ -1717,7 +1717,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Vormetric Protection for Terradata Database (VPTD)
product: Sentinel HASP, Legacy dog, Maze, Hardlock
cves:
cve-2021-4104:
investigated: false
@ -1746,7 +1746,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Vormetric Tokenization Server (VTS)
product: Sentinel LDK EMS (LDK-EMS)
cves:
cve-2021-4104:
investigated: false
@ -1775,7 +1775,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: payShield Monitor
product: Sentinel LDKaas (LDK-EMS)
cves:
cve-2021-4104:
investigated: false
@ -1804,7 +1804,8 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: CADP/SafeNet Protect App (PA) - JCE
product: Sentinel Professional Services components (both Thales hosted & hosted
on-premises by customers)
cves:
cve-2021-4104:
investigated: false
@ -1833,7 +1834,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: CipherTrust Batch Data Transformation (BDT) 2.3
product: Sentinel RMS
cves:
cve-2021-4104:
investigated: false
@ -1862,7 +1863,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: CipherTrust Cloud Key Manager (CCKM) Appliance
product: Sentinel SCL
cves:
cve-2021-4104:
investigated: false
@ -1891,7 +1892,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: CipherTrust Vaulted Tokenization (CT-V) / SafeNet Tokenization Manager
product: Sentinel Superdog, SuperPro, UltraPro, SHK
cves:
cve-2021-4104:
investigated: false
@ -1920,7 +1921,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: CipherTrust/SafeNet PDBCTL
product: Sentinel Up
cves:
cve-2021-4104:
investigated: false
@ -1949,7 +1950,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Crypto Command Center (CCC)
product: Thales Data Platform (TDP)(DDC)
cves:
cve-2021-4104:
investigated: false
@ -1978,7 +1979,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: SafeNet Vaultless Tokenization
product: Thales payShield 10k
cves:
cve-2021-4104:
investigated: false
@ -2007,7 +2008,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Sentinel LDK EMS (LDK-EMS)
product: Thales payShield 9000
cves:
cve-2021-4104:
investigated: false
@ -2036,7 +2037,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Sentinel LDKaas (LDK-EMS)
product: Thales payShield Manager
cves:
cve-2021-4104:
investigated: false
@ -2065,7 +2066,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Sentinel EMS Enterprise aaS
product: Vormetirc Key Manager (VKM)
cves:
cve-2021-4104:
investigated: false
@ -2094,8 +2095,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Sentinel Professional Services components (both Thales hosted & hosted
on-premises by customers)
product: Vormetric Application Encryption (VAE)
cves:
cve-2021-4104:
investigated: false
@ -2124,7 +2124,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Sentinel SCL
product: Vormetric Protection for Terradata Database (VPTD)
cves:
cve-2021-4104:
investigated: false
@ -2153,7 +2153,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thales
product: Thales Data Platform (TDP)(DDC)
product: Vormetric Tokenization Server (VTS)
cves:
cve-2021-4104:
investigated: false
@ -2181,8 +2181,8 @@ software:
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Thermo-Calc
product: Thermo-Calc
- vendor: Thermo Fisher Scientific
product: ''
cves:
cve-2021-4104:
investigated: false
@ -2190,11 +2190,10 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions:
- 2022a
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -2206,8 +2205,8 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/
notes: Use the program as normal, Install the 2022a patch when available
- https://corporate.thermofisher.com/us/en/index/about/information-security/Protecting-Our-Products.html
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
@ -2224,7 +2223,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 2021b
- 2022a
cve-2021-45046:
investigated: false
affected_versions: []
@ -2237,7 +2236,7 @@ software:
unaffected_versions: []
vendor_links:
- https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/
notes: Use the program as normal
notes: Use the program as normal, Install the 2022a patch when available
references:
- ''
last_updated: '2021-12-22T00:00:00'
@ -2254,7 +2253,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 2018b to 2021a
- 2021b
cve-2021-45046:
investigated: false
affected_versions: []
@ -2267,8 +2266,7 @@ software:
unaffected_versions: []
vendor_links:
- https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/
notes: Use the program as normal, delete the Log4j 2 files in the program installation
if required, see advisory for instructions.
notes: Use the program as normal
references:
- ''
last_updated: '2021-12-22T00:00:00'
@ -2285,7 +2283,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 2018a and earlier
- 2018b to 2021a
cve-2021-45046:
investigated: false
affected_versions: []
@ -2298,12 +2296,13 @@ software:
unaffected_versions: []
vendor_links:
- https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/
notes: Use the program as normal
notes: Use the program as normal, delete the Log4j 2 files in the program installation
if required, see advisory for instructions.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Thermo Fisher Scientific
product: ''
- vendor: Thermo-Calc
product: Thermo-Calc
cves:
cve-2021-4104:
investigated: false
@ -2311,10 +2310,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- 2018a and earlier
cve-2021-45046:
investigated: false
affected_versions: []
@ -2326,8 +2326,8 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://corporate.thermofisher.com/us/en/index/about/information-security/Protecting-Our-Products.html
notes: ''
- https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/
notes: Use the program as normal
references:
- ''
last_updated: '2021-12-22T00:00:00'
@ -2393,7 +2393,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: ThycoticCentrify
product: Secret Server
product: Account Lifecycle Manager
cves:
cve-2021-4104:
investigated: false
@ -2423,7 +2423,7 @@ software:
- ''
last_updated: '2021-12-10T00:00:00'
- vendor: ThycoticCentrify
product: Privilege Manager
product: Cloud Suite
cves:
cve-2021-4104:
investigated: false
@ -2453,7 +2453,7 @@ software:
- ''
last_updated: '2021-12-10T00:00:00'
- vendor: ThycoticCentrify
product: Account Lifecycle Manager
product: Connection Manager
cves:
cve-2021-4104:
investigated: false
@ -2483,7 +2483,7 @@ software:
- ''
last_updated: '2021-12-10T00:00:00'
- vendor: ThycoticCentrify
product: Privileged Behavior Analytics
product: DevOps Secrets Vault
cves:
cve-2021-4104:
investigated: false
@ -2513,7 +2513,7 @@ software:
- ''
last_updated: '2021-12-10T00:00:00'
- vendor: ThycoticCentrify
product: DevOps Secrets Vault
product: Password Reset Server
cves:
cve-2021-4104:
investigated: false
@ -2543,7 +2543,7 @@ software:
- ''
last_updated: '2021-12-10T00:00:00'
- vendor: ThycoticCentrify
product: Connection Manager
product: Privilege Manager
cves:
cve-2021-4104:
investigated: false
@ -2573,7 +2573,7 @@ software:
- ''
last_updated: '2021-12-10T00:00:00'
- vendor: ThycoticCentrify
product: Password Reset Server
product: Privileged Behavior Analytics
cves:
cve-2021-4104:
investigated: false
@ -2603,7 +2603,7 @@ software:
- ''
last_updated: '2021-12-10T00:00:00'
- vendor: ThycoticCentrify
product: Cloud Suite
product: Secret Server
cves:
cve-2021-4104:
investigated: false
@ -2952,13 +2952,13 @@ software:
unaffected_versions: []
vendor_links:
- https://docs.niagara-community.com/bundle/TechBulletin2021/resource/Dec_13_2021_NiagaraNotExposed_Apache_log4j.pdf
notes: Document access requires authentication. CISA is not able to validate vulnerability status.
notes: Document access requires authentication. CISA is not able to validate vulnerability
status.
references:
- ''
last_updated: '2022-01-19T00:00:00'
- vendor: Tripp Lite
product: LX Platform devices (includes WEBCARDLX, WEBCARDLXMINI, SRCOOLNETLX,
SRCOOLNET2LX and devices with pre-installed or embedded WEBCARDLX interfaces)
- vendor: Trimble
product: eCognition
cves:
cve-2021-4104:
investigated: false
@ -2966,8 +2966,9 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
investigated: true
affected_versions:
- 10.2.0 Build 4618
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -2980,15 +2981,14 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf
notes: ''
vendor_links: []
notes: Remediation steps provided by Trimble
references:
- ''
last_updated: '2022-01-04T00:00:00'
last_updated: '2021-12-23T00:00:00'
- vendor: Tripp Lite
product: SNMPWEBCARD, SRCOOLNET, SRCOOLNET2 and devices with pre-installed or
embedded SNMPWEBCARD
product: LX Platform devices (includes WEBCARDLX, WEBCARDLXMINI, SRCOOLNETLX,
SRCOOLNET2LX and devices with pre-installed or embedded WEBCARDLX interfaces)
cves:
cve-2021-4104:
investigated: false
@ -3047,7 +3047,7 @@ software:
- ''
last_updated: '2022-01-04T00:00:00'
- vendor: Tripp Lite
product: PowerAlert Network Shutdown Agent (PANSA)
product: PowerAlert Network Management System (PANMS)
cves:
cve-2021-4104:
investigated: false
@ -3071,13 +3071,13 @@ software:
unaffected_versions: []
vendor_links:
- https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf
notes: Some versions of PANSA use log4j v1 which is NOT AFFECTED by the CVE-2021-44228
notes: Some versions of PAL use log4j v1 which is NOT AFFECTED by the CVE-2021-44228
vulnerability.
references:
- ''
last_updated: '2022-01-04T00:00:00'
- vendor: Tripp Lite
product: PowerAlert Network Management System (PANMS)
product: PowerAlert Network Shutdown Agent (PANSA)
cves:
cve-2021-4104:
investigated: false
@ -3101,13 +3101,13 @@ software:
unaffected_versions: []
vendor_links:
- https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf
notes: Some versions of PAL use log4j v1 which is NOT AFFECTED by the CVE-2021-44228
notes: Some versions of PANSA use log4j v1 which is NOT AFFECTED by the CVE-2021-44228
vulnerability.
references:
- ''
last_updated: '2022-01-04T00:00:00'
- vendor: Tripp Lite
product: TLNETCARD and associated software
product: PowerAlertElement Manager (PAEM)
cves:
cve-2021-4104:
investigated: false
@ -3115,8 +3115,9 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
investigated: true
affected_versions:
- 1.0.0
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -3131,12 +3132,14 @@ software:
unaffected_versions: []
vendor_links:
- https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf
notes: ''
notes: Tripp Lite will soon be issuing a patch in the form of PAEM 1.0.1 which
will contain a patched version of Log4j2
references:
- ''
last_updated: '2022-01-04T00:00:00'
- vendor: Tripp Lite
product: PowerAlertElement Manager (PAEM)
product: SNMPWEBCARD, SRCOOLNET, SRCOOLNET2 and devices with pre-installed or
embedded SNMPWEBCARD
cves:
cve-2021-4104:
investigated: false
@ -3144,9 +3147,8 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 1.0.0
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -3161,13 +3163,12 @@ software:
unaffected_versions: []
vendor_links:
- https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf
notes: Tripp Lite will soon be issuing a patch in the form of PAEM 1.0.1 which
will contain a patched version of Log4j2
notes: ''
references:
- ''
last_updated: '2022-01-04T00:00:00'
- vendor: Tripwire
product: ''
- vendor: Tripp Lite
product: TLNETCARD and associated software
cves:
cve-2021-4104:
investigated: false
@ -3190,13 +3191,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.tripwire.com/log4j
- https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Trimble
product: eCognition
last_updated: '2022-01-04T00:00:00'
- vendor: Tripwire
product: ''
cves:
cve-2021-4104:
investigated: false
@ -3204,9 +3205,8 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 10.2.0 Build 4618
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -3219,11 +3219,12 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
notes: Remediation steps provided by Trimble
vendor_links:
- https://www.tripwire.com/log4j
notes: ''
references:
- ''
last_updated: '2021-12-23T00:00:00'
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: TrueNAS
product: ''
cves:

38
data/cisagov_U.yml
Unescape View File

@ -94,8 +94,8 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Umbraco
product: ''
- vendor: UiPath
product: InSights
cves:
cve-2021-4104:
investigated: false
@ -103,8 +103,9 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
investigated: true
affected_versions:
- '20.10'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -118,12 +119,12 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/
- https://www.uipath.com/legal/trust-and-security/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: UniFlow
last_updated: '2021-12-15T00:00:00'
- vendor: Umbraco
product: ''
cves:
cve-2021-4104:
@ -147,12 +148,12 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.uniflow.global/en/security/security-and-maintenance/
- https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Unify ATOS
- vendor: UniFlow
product: ''
cves:
cve-2021-4104:
@ -176,12 +177,12 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://networks.unify.com/security/advisories/OBSO-2112-01.pdf
- https://www.uniflow.global/en/security/security-and-maintenance/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Unimus
- vendor: Unify ATOS
product: ''
cves:
cve-2021-4104:
@ -205,13 +206,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forum.unimus.net/viewtopic.php?f=7&t=1390#top
- https://networks.unify.com/security/advisories/OBSO-2112-01.pdf
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: UiPath
product: InSights
- vendor: Unimus
product: ''
cves:
cve-2021-4104:
investigated: false
@ -219,9 +220,8 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '20.10'
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -235,11 +235,11 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.uipath.com/legal/trust-and-security/cve-2021-44228
- https://forum.unimus.net/viewtopic.php?f=7&t=1390#top
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: USSIGNAL MSP
product: ''
cves:

384
data/cisagov_V.yml
Unescape View File

@ -4,35 +4,6 @@ owners:
- name: cisagov
url: https://github.com/cisagov/log4j-affected-db
software:
- vendor: VArmour
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Varian
product: Acuity
cves:
@ -64,7 +35,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: DITC
product: ARIA Connect (Cloverleaf)
cves:
cve-2021-4104:
investigated: false
@ -72,11 +43,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
@ -94,7 +65,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA Connect (Cloverleaf)
product: ARIA eDOC
cves:
cve-2021-4104:
investigated: false
@ -154,7 +125,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: XMediusFax for ARIA oncology information system for Medical Oncology
product: ARIA oncology information system for Radiation Oncology
cves:
cve-2021-4104:
investigated: false
@ -162,11 +133,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
@ -184,7 +155,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA oncology information system for Radiation Oncology
product: ARIA Radiation Therapy Management System (RTM)
cves:
cve-2021-4104:
investigated: false
@ -214,7 +185,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA eDOC
product: Bravos Console
cves:
cve-2021-4104:
investigated: false
@ -244,7 +215,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: XMediusFax for ARIA oncology information system for Radiation Oncology
product: Clinac
cves:
cve-2021-4104:
investigated: false
@ -274,37 +245,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA Radiation Therapy Management System (RTM)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Bravos Console
product: Cloud Planner
cves:
cve-2021-4104:
investigated: false
@ -334,7 +275,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Clinac
product: DITC
cves:
cve-2021-4104:
investigated: false
@ -364,7 +305,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Cloud Planner
product: DoseLab
cves:
cve-2021-4104:
investigated: false
@ -394,7 +335,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: DoseLab
product: Eclipse treatment planning software
cves:
cve-2021-4104:
investigated: false
@ -424,7 +365,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Eclipse treatment planning software
product: ePeerReview
cves:
cve-2021-4104:
investigated: false
@ -432,11 +373,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -454,7 +395,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ePeerReview
product: Ethos
cves:
cve-2021-4104:
investigated: false
@ -462,11 +403,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
@ -484,7 +425,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Ethos
product: FullScale oncology IT solutions
cves:
cve-2021-4104:
investigated: false
@ -492,11 +433,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -514,7 +455,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: FullScale oncology IT solutions
product: Halcyon system
cves:
cve-2021-4104:
investigated: false
@ -544,7 +485,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Halcyon system
product: ICAP
cves:
cve-2021-4104:
investigated: false
@ -552,11 +493,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
@ -694,7 +635,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ICAP
product: Mobius3D platform
cves:
cve-2021-4104:
investigated: false
@ -724,7 +665,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Mobius3D platform
product: PaaS
cves:
cve-2021-4104:
investigated: false
@ -934,7 +875,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: PaaS
product: TrueBeam radiotherapy system
cves:
cve-2021-4104:
investigated: false
@ -964,7 +905,37 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: TrueBeam radiotherapy system
product: UNIQUE system
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Varian Authentication and Identity Server (VAIS)
cves:
cve-2021-4104:
investigated: false
@ -994,7 +965,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: UNIQUE system
product: Varian Managed Services Cloud
cves:
cve-2021-4104:
investigated: false
@ -1024,7 +995,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Varian Authentication and Identity Server (VAIS)
product: Varian Mobile App
cves:
cve-2021-4104:
investigated: false
@ -1036,7 +1007,8 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
- '2.0'
- '2.5'
cve-2021-45046:
investigated: false
affected_versions: []
@ -1054,7 +1026,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Varian Managed Services Cloud
product: VariSeed
cves:
cve-2021-4104:
investigated: false
@ -1062,11 +1034,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
@ -1084,7 +1056,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Varian Mobile App
product: Velocity
cves:
cve-2021-4104:
investigated: false
@ -1096,8 +1068,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- '2.0'
- '2.5'
- All
cve-2021-45046:
investigated: false
affected_versions: []
@ -1115,7 +1086,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: VariSeed
product: VitalBeam radiotherapy system
cves:
cve-2021-4104:
investigated: false
@ -1145,7 +1116,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Velocity
product: Vitesse
cves:
cve-2021-4104:
investigated: false
@ -1175,7 +1146,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: VitalBeam radiotherapy system
product: XMediusFax for ARIA oncology information system for Medical Oncology
cves:
cve-2021-4104:
investigated: false
@ -1183,11 +1154,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -1205,7 +1176,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Vitesse
product: XMediusFax for ARIA oncology information system for Radiation Oncology
cves:
cve-2021-4104:
investigated: false
@ -1213,11 +1184,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -1234,6 +1205,35 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: VArmour
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Varnish Software
product: ''
cves:
@ -1421,7 +1421,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45046:
investigated: ''
affected_versions: []
@ -1678,6 +1678,71 @@ software:
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: VMware
product: vCenter Server - OVA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.x
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: vCenter Server - Windows
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: VMware Carbon Black Cloud Workload Appliance
cves:
@ -2291,71 +2356,6 @@ software:
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: VMware
product: vCenter Server - OVA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.x
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: vCenter Server - Windows
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: VMware vRealize Automation
cves:
@ -2614,7 +2614,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45046:
investigated: ''
affected_versions: []

12
data/cisagov_W.yml
Unescape View File

@ -151,7 +151,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: WIBU Systems
product: CodeMeter Keyring for TIA Portal
product: CodeMeter Cloud Lite
cves:
cve-2021-4104:
investigated: false
@ -161,7 +161,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- 1.30 and prior
- 2.2 and prior
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -176,12 +176,12 @@ software:
unaffected_versions: []
vendor_links:
- https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf
notes: Only the Password Manager is affected
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: WIBU Systems
product: CodeMeter Cloud Lite
product: CodeMeter Keyring for TIA Portal
cves:
cve-2021-4104:
investigated: false
@ -191,7 +191,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- 2.2 and prior
- 1.30 and prior
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -206,7 +206,7 @@ software:
unaffected_versions: []
vendor_links:
- https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf
notes: ''
notes: Only the Password Manager is affected
references:
- ''
last_updated: '2021-12-22T00:00:00'

36
data/cisagov_X.yml
Unescape View File

@ -237,7 +237,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Sensus Analytics
product: Configuration change complete
cves:
cve-2021-4104:
investigated: false
@ -266,7 +266,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Sensus Automation Control Configuration change complete
product: Sensus Analytics
cves:
cve-2021-4104:
investigated: false
@ -295,7 +295,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Sensus Cathodic Protection Mitigation in process Mitigation in process
product: Sensus Automation Control Configuration change complete
cves:
cve-2021-4104:
investigated: false
@ -324,7 +324,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Sensus FieldLogic LogServer
product: Sensus Cathodic Protection Mitigation in process Mitigation in process
cves:
cve-2021-4104:
investigated: false
@ -353,7 +353,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Sensus Lighting Control
product: Sensus FieldLogic LogServer
cves:
cve-2021-4104:
investigated: false
@ -382,7 +382,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Sensus NetMetrics Configuration change complete
product: Sensus Lighting Control
cves:
cve-2021-4104:
investigated: false
@ -411,7 +411,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Sensus RNI Saas
product: Sensus NetMetrics Configuration change complete
cves:
cve-2021-4104:
investigated: false
@ -419,11 +419,8 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 4.7 through 4.10
- 4.4 through 4.6
- '4.2'
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -475,7 +472,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Sensus SCS
product: Sensus RNI Saas
cves:
cve-2021-4104:
investigated: false
@ -483,8 +480,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
investigated: true
affected_versions:
- 4.7 through 4.10
- 4.4 through 4.6
- '4.2'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -504,7 +504,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Smart Irrigation
product: Sensus SCS
cves:
cve-2021-4104:
investigated: false
@ -533,7 +533,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Water Loss Management (Visenti)
product: Smart Irrigation
cves:
cve-2021-4104:
investigated: false
@ -562,7 +562,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Configuration change complete
product: Water Loss Management (Visenti)
cves:
cve-2021-4104:
investigated: false

Write Preview
Loading…
Cancel
Save