mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-22 08:30:48 +00:00
Update the software list
This commit is contained in:
cisagovbot
parent
1accb4541f
commit
1ac6221a21
23 changed files with 11546 additions and 11536 deletions
|
|
@ -231,10 +231,10 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
||||||
| Beijer Electronics | WARP Engineering Studio | | | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
| Beijer Electronics | WARP Engineering Studio | | | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
| Bender | | | | Unknown | [link](https://www.bender.de/en/cert) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Bender | | | | Unknown | [link](https://www.bender.de/en/cert) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) | | | | Unknown | [link](https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) | | | | Unknown | [link](https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| BeyondTrust Bomgar | | | | Unknown | [link](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
||||||
| BeyondTrust | Privilege Management Cloud | | Unknown | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
| BeyondTrust | Privilege Management Cloud | | Unknown | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||||
| BeyondTrust | Privilege Management Reporting in BeyondInsight | | 21.2 | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
| BeyondTrust | Privilege Management Reporting in BeyondInsight | | 21.2 | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||||
| BeyondTrust | Secure Remote Access appliances | | | Not Affected | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
| BeyondTrust | Secure Remote Access appliances | | | Not Affected | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||||
|
| BeyondTrust Bomgar | | | | Unknown | [link](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| BioMerieux | | | | Unknown | [link](https://www.biomerieux.com/en/cybersecurity-data-privacy) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
| BioMerieux | | | | Unknown | [link](https://www.biomerieux.com/en/cybersecurity-data-privacy) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
| BisectHosting | | | | Unknown | [link](https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| BisectHosting | | | | Unknown | [link](https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| BitDefender | | | | Unknown | [link](https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| BitDefender | | | | Unknown | [link](https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
|
|
@ -949,8 +949,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
||||||
| Elastic | Kibana | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
| Elastic | Kibana | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||||
| Elastic | Logstash | <6.8.21, <7.16.1 | | Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
| Elastic | Logstash | <6.8.21, <7.16.1 | | Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||||
| Elastic | Machine Learning | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
| Elastic | Machine Learning | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||||
| ElasticSearch | all products | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
||||||
| Elastic | Swiftype | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
| Elastic | Swiftype | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||||
|
| ElasticSearch | all products | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Ellucian | Admin | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
| Ellucian | Admin | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||||
| Ellucian | Banner Analytics | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
| Ellucian | Banner Analytics | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||||
| Ellucian | Banner Document Management (includes Banner Document Retention) | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
| Ellucian | Banner Document Management (includes Banner Document Retention) | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||||
|
|
@ -1180,6 +1180,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
||||||
| GoAnywhere | MFT | < 6.8.6 | | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
|
| GoAnywhere | MFT | < 6.8.6 | | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
|
||||||
| GoAnywhere | MFT Agents | < 1.6.5 | | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
|
| GoAnywhere | MFT Agents | < 1.6.5 | | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
|
||||||
| GoCD | | | | Unknown | [link](https://www.gocd.org/2021/12/14/log4j-vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| GoCD | | | | Unknown | [link](https://www.gocd.org/2021/12/14/log4j-vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
|
| Google | Chrome | | | Not Affected | [link](https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html) | Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-14 |
|
||||||
| Google Cloud | Access Transparency | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
| Google Cloud | Access Transparency | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||||
| Google Cloud | Actifio | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Actifio has identified limited exposure to the Log4j 2 vulnerability and has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com) for the full statement and to obtain the hotfix (available to Actifio customers only). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
| Google Cloud | Actifio | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Actifio has identified limited exposure to the Log4j 2 vulnerability and has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com) for the full statement and to obtain the hotfix (available to Actifio customers only). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||||
| Google Cloud | AI Platform Data Labeling | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
| Google Cloud | AI Platform Data Labeling | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||||
|
|
@ -1309,14 +1310,12 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
||||||
| Google Cloud | Virtual Private Cloud | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
| Google Cloud | Virtual Private Cloud | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
||||||
| Google Cloud | Web Security Scanner | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
| Google Cloud | Web Security Scanner | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||||
| Google Cloud | Workflows | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
| Google Cloud | Workflows | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||||
| Google | Chrome | | | Not Affected | [link](https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html) | Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-14 |
|
|
||||||
| Gradle | Gradle | | | Unknown | [link](https://blog.gradle.org/log4j-vulnerability) | Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Gradle | Gradle | | | Unknown | [link](https://blog.gradle.org/log4j-vulnerability) | Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Gradle | Gradle Enterprise | < 2021.3.6 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Gradle | Gradle Enterprise | < 2021.3.6 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Gradle | Gradle Enterprise Build Cache Node | < 10.1 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Gradle | Gradle Enterprise Build Cache Node | < 10.1 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Gradle | Gradle Enterprise Test Distribution Agent | < 1.6.2 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Gradle | Gradle Enterprise Test Distribution Agent | < 1.6.2 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Grafana | | | | Unknown | [link](https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Grafana | | | | Unknown | [link](https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Grandstream | | | | Unknown | [link](https://blog.grandstream.com/press-releases/grandstream-products-unaffected-by-log4j-vulnerability?hsLang=en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Grandstream | | | | Unknown | [link](https://blog.grandstream.com/press-releases/grandstream-products-unaffected-by-log4j-vulnerability?hsLang=en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Gravitee.io | | | | Unknown | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
||||||
| Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Gravitee | Alert Engine | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Gravitee | Alert Engine | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
|
|
@ -1324,6 +1323,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
||||||
| Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Gravitee | Cockpit | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Gravitee | Cockpit | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
|
| Gravitee.io | | | | Unknown | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Gravwell | | | | Unknown | [link](https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Gravwell | | | | Unknown | [link](https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Graylog | Graylog Server | All versions >= 1.2.0 and <= 4.2.2 | | Affected | [link](https://www.graylog.org/post/graylog-update-for-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Graylog | Graylog Server | All versions >= 1.2.0 and <= 4.2.2 | | Affected | [link](https://www.graylog.org/post/graylog-update-for-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| GreenShot | | | | Unknown | [link](https://greenshot.atlassian.net/browse/BUG-2871) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| GreenShot | | | | Unknown | [link](https://greenshot.atlassian.net/browse/BUG-2871) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
|
|
@ -1396,7 +1396,11 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
||||||
| HOLOGIC | Unifi Workspace | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
| HOLOGIC | Unifi Workspace | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
||||||
| HOLOGIC | Windows Selenia Mammography System | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
| HOLOGIC | Windows Selenia Mammography System | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
||||||
| Honeywell | | | | Unknown | [link](https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Honeywell | | | | Unknown | [link](https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| HPE/Micro Focus | Data Protector | | 9.09 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003243) | | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
| HP | Teradici Cloud Access Controller | | < v113 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||||
|
| HP | Teradici EMSDK | | < 1.0.6 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||||
|
| HP | Teradici Management Console | | < 21.10.3 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||||
|
| HP | Teradici PCoIP Connection Manager | | < 21.03.6, < 20.07.4 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||||
|
| HP | Teradici PCoIP License Server | | | Unknown | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||||
| HPE | 3PAR StoreServ Arrays | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
| HPE | 3PAR StoreServ Arrays | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||||
| HPE | AirWave Management Platform | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
| HPE | AirWave Management Platform | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||||
| HPE | Alletra 6000 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
| HPE | Alletra 6000 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||||
|
|
@ -1526,11 +1530,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
||||||
| HPE | Superdome Flex 280 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
| HPE | Superdome Flex 280 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||||
| HPE | Superdome Flex Server | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
| HPE | Superdome Flex Server | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||||
| HPE | UAN (User Access Node) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
| HPE | UAN (User Access Node) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||||
| HP | Teradici Cloud Access Controller | | < v113 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
| HPE/Micro Focus | Data Protector | | 9.09 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003243) | | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||||
| HP | Teradici EMSDK | | < 1.0.6 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
|
||||||
| HP | Teradici Management Console | | < 21.10.3 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
|
||||||
| HP | Teradici PCoIP Connection Manager | | < 21.03.6, < 20.07.4 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
|
||||||
| HP | Teradici PCoIP License Server | | | Unknown | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
|
||||||
| Huawei | | | | Unknown | [link](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Huawei | | | | Unknown | [link](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Hubspot | | | | Unknown | [link](https://community.hubspot.com/t5/APIs-Integrations/Log4J-day-zero-exploit-CVE-2021-44228/td-p/541949) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Hubspot | | | | Unknown | [link](https://community.hubspot.com/t5/APIs-Integrations/Log4J-day-zero-exploit-CVE-2021-44228/td-p/541949) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| I-Net software | | | | Unknown | [link](https://faq.inetsoftware.de/t/statement-about-cve-2021-44228-log4j-vulnerability-concerning-i-net-software-products/269/3) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| I-Net software | | | | Unknown | [link](https://faq.inetsoftware.de/t/statement-about-cve-2021-44228-log4j-vulnerability-concerning-i-net-software-products/269/3) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
|
|
@ -2019,6 +2019,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
||||||
| Lyrasis | Fedora Repository | | | Not Affected | [link](https://groups.google.com/g/fedora-tech/c/dQMQ5jaX8Xo) | Fedora Repository is unaffiliated with Fedora Linux. Uses logback and explicitly excludes log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
|
| Lyrasis | Fedora Repository | | | Not Affected | [link](https://groups.google.com/g/fedora-tech/c/dQMQ5jaX8Xo) | Fedora Repository is unaffiliated with Fedora Linux. Uses logback and explicitly excludes log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
|
||||||
| MailStore | | | | Unknown | [link](https://www.mailstore.com/en/blog/mailstore-affected-by-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| MailStore | | | | Unknown | [link](https://www.mailstore.com/en/blog/mailstore-affected-by-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Maltego | | | | Unknown | [link](https://www.maltego.com/blog/our-response-to-log4j-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Maltego | | | | Unknown | [link](https://www.maltego.com/blog/our-response-to-log4j-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
|
| ManageEngine | AD SelfService Plus | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 |
|
||||||
|
| ManageEngine | Servicedesk Plus | 11305 and below | | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||||
| ManageEngine Zoho | | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| ManageEngine Zoho | | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| ManageEngine Zoho | ADAudit Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
| ManageEngine Zoho | ADAudit Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||||
| ManageEngine Zoho | ADManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
| ManageEngine Zoho | ADManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||||
|
|
@ -2032,8 +2034,6 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
||||||
| ManageEngine Zoho | M365 Manager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
| ManageEngine Zoho | M365 Manager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||||
| ManageEngine Zoho | M365 Security Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
| ManageEngine Zoho | M365 Security Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||||
| ManageEngine Zoho | RecoveryManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
| ManageEngine Zoho | RecoveryManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||||
| ManageEngine | AD SelfService Plus | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 |
|
|
||||||
| ManageEngine | Servicedesk Plus | 11305 and below | | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
|
||||||
| MariaDB | | | | Unknown | [link](https://mariadb.com/resources/blog/log4shell-and-mariadb-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| MariaDB | | | | Unknown | [link](https://mariadb.com/resources/blog/log4shell-and-mariadb-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| MathWorks | All MathWorks general release desktop or server products | | | Not Affected | [link](https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
|
| MathWorks | All MathWorks general release desktop or server products | | | Not Affected | [link](https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
|
||||||
| MathWorks | MATLAB | | | Not Affected | [link](https://www.mathworks.com/content/dam/mathworks/policies/mathworks-response-to-cve-2021-44228-log4j-vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
|
| MathWorks | MATLAB | | | Not Affected | [link](https://www.mathworks.com/content/dam/mathworks/policies/mathworks-response-to-cve-2021-44228-log4j-vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
|
||||||
|
|
@ -2319,6 +2319,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
||||||
| Shibboleth | All Products | | | Not Affected | [link](https://shibboleth.net/pipermail/announce/2021-December/000253.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
|
| Shibboleth | All Products | | | Not Affected | [link](https://shibboleth.net/pipermail/announce/2021-December/000253.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
|
||||||
| Shopify | | | | Unknown | [link](https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Shopify | | | | Unknown | [link](https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Siebel | | | | Unknown | [link](https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Siebel | | | | Unknown | [link](https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
|
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
|
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
|
||||||
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||||
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
||||||
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||||
|
|
@ -2356,8 +2358,6 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
||||||
| Siemens Healthineers | syngo.via WebViewer VA13B / VA20A / VA20B | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
| Siemens Healthineers | syngo.via WebViewer VA13B / VA20A / VA20B | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
| Siemens Healthineers | X.Ceed Somaris 10 VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
| Siemens Healthineers | X.Ceed Somaris 10 VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
| Siemens Healthineers | X.Cite Somaris 10 VA30*/VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
| Siemens Healthineers | X.Cite Somaris 10 VA30*/VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
|
||||||
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
|
|
||||||
| Sierra Wireless | | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Sierra Wireless | | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Sierra Wireless | AirVantage and Octave cloud platforms | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | These systems do not operate with the specific non-standard configuration required for CVE-2021-25046 and hence were not vulnerable to it. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
|
| Sierra Wireless | AirVantage and Octave cloud platforms | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | These systems do not operate with the specific non-standard configuration required for CVE-2021-25046 and hence were not vulnerable to it. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
|
||||||
| Sierra Wireless | AM/AMM servers | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
|
| Sierra Wireless | AM/AMM servers | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
|
||||||
|
|
@ -2458,8 +2458,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
||||||
| Splunk | Splunk UBA OVA Software | 5.0.3a, 5.0.0 | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
|
| Splunk | Splunk UBA OVA Software | 5.0.3a, 5.0.0 | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
|
||||||
| Splunk | Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) | 1.1.1 and older | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
|
| Splunk | Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) | 1.1.1 and older | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
|
||||||
| Sprecher Automation | | | | Unknown | [link](https://www.sprecher-automation.com/en/it-security/security-alerts) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Sprecher Automation | | | | Unknown | [link](https://www.sprecher-automation.com/en/it-security/security-alerts) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Spring Boot | | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
||||||
| Spring | Spring Boot | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Spring | Spring Boot | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
|
| Spring Boot | | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| StarDog | | | | Unknown | [link](https://community.stardog.com/t/stardog-7-8-1-available/3411) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| StarDog | | | | Unknown | [link](https://community.stardog.com/t/stardog-7-8-1-available/3411) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| STERIS | Advantage | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
| STERIS | Advantage | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
| STERIS | Advantage Plus | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
| STERIS | Advantage Plus | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
|
|
|
||||||
788
data/cisagov.yml
788
data/cisagov.yml
|
|
@ -6307,35 +6307,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:50+00:00'
|
last_updated: '2022-01-12T07:18:50+00:00'
|
||||||
- vendor: BeyondTrust Bomgar
|
|
||||||
product: ''
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2022-01-12T07:18:50+00:00'
|
|
||||||
- vendor: BeyondTrust
|
- vendor: BeyondTrust
|
||||||
product: Privilege Management Cloud
|
product: Privilege Management Cloud
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -6426,6 +6397,35 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-17T00:00:00'
|
last_updated: '2021-12-17T00:00:00'
|
||||||
|
- vendor: BeyondTrust Bomgar
|
||||||
|
product: ''
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:50+00:00'
|
||||||
- vendor: BioMerieux
|
- vendor: BioMerieux
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -27524,34 +27524,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-15T00:00:00'
|
last_updated: '2021-12-15T00:00:00'
|
||||||
- vendor: ElasticSearch
|
|
||||||
product: all products
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links: []
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2022-01-12T07:18:52+00:00'
|
|
||||||
- vendor: Elastic
|
- vendor: Elastic
|
||||||
product: Swiftype
|
product: Swiftype
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -27581,6 +27553,34 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-15T00:00:00'
|
last_updated: '2021-12-15T00:00:00'
|
||||||
|
- vendor: ElasticSearch
|
||||||
|
product: all products
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links: []
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:52+00:00'
|
||||||
- vendor: Ellucian
|
- vendor: Ellucian
|
||||||
product: Admin
|
product: Admin
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -34284,6 +34284,36 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:52+00:00'
|
last_updated: '2022-01-12T07:18:52+00:00'
|
||||||
|
- vendor: Google
|
||||||
|
product: Chrome
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html
|
||||||
|
notes: Chrome Browser releases, infrastructure and admin console are not using
|
||||||
|
versions of Log4j affected by the vulnerability.
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-14'
|
||||||
- vendor: Google Cloud
|
- vendor: Google Cloud
|
||||||
product: Access Transparency
|
product: Access Transparency
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -38229,36 +38259,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: Google
|
|
||||||
product: Chrome
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html
|
|
||||||
notes: Chrome Browser releases, infrastructure and admin console are not using
|
|
||||||
versions of Log4j affected by the vulnerability.
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2022-01-14'
|
|
||||||
- vendor: Gradle
|
- vendor: Gradle
|
||||||
product: Gradle
|
product: Gradle
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -38436,35 +38436,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:53+00:00'
|
last_updated: '2022-01-12T07:18:53+00:00'
|
||||||
- vendor: Gravitee.io
|
|
||||||
product: ''
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2022-01-12T07:18:53+00:00'
|
|
||||||
- vendor: Gravitee
|
- vendor: Gravitee
|
||||||
product: Access Management
|
product: Access Management
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -38675,6 +38646,35 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:53+00:00'
|
last_updated: '2022-01-12T07:18:53+00:00'
|
||||||
|
- vendor: Gravitee.io
|
||||||
|
product: ''
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:53+00:00'
|
||||||
- vendor: Gravwell
|
- vendor: Gravwell
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -40824,8 +40824,8 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:53+00:00'
|
last_updated: '2022-01-12T07:18:53+00:00'
|
||||||
- vendor: HPE/Micro Focus
|
- vendor: HP
|
||||||
product: Data Protector
|
product: Teradici Cloud Access Controller
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -40836,7 +40836,7 @@ software:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions:
|
fixed_versions:
|
||||||
- '9.09'
|
- < v113
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -40849,10 +40849,130 @@ software:
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
vendor_links:
|
vendor_links:
|
||||||
- https://portal.microfocus.com/s/article/KM000003243
|
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
|
||||||
notes: ''
|
notes: ''
|
||||||
references:
|
references:
|
||||||
- '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)'
|
- ''
|
||||||
|
last_updated: '2021-12-17T00:00:00'
|
||||||
|
- vendor: HP
|
||||||
|
product: Teradici EMSDK
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions:
|
||||||
|
- < 1.0.6
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-17T00:00:00'
|
||||||
|
- vendor: HP
|
||||||
|
product: Teradici Management Console
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions:
|
||||||
|
- < 21.10.3
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-17T00:00:00'
|
||||||
|
- vendor: HP
|
||||||
|
product: Teradici PCoIP Connection Manager
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions:
|
||||||
|
- < 21.03.6
|
||||||
|
- < 20.07.4
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-17T00:00:00'
|
||||||
|
- vendor: HP
|
||||||
|
product: Teradici PCoIP License Server
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
last_updated: '2021-12-17T00:00:00'
|
last_updated: '2021-12-17T00:00:00'
|
||||||
- vendor: HPE
|
- vendor: HPE
|
||||||
product: 3PAR StoreServ Arrays
|
product: 3PAR StoreServ Arrays
|
||||||
|
|
@ -44597,8 +44717,8 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-12T00:00:00'
|
last_updated: '2021-12-12T00:00:00'
|
||||||
- vendor: HP
|
- vendor: HPE/Micro Focus
|
||||||
product: Teradici Cloud Access Controller
|
product: Data Protector
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -44609,7 +44729,7 @@ software:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions:
|
fixed_versions:
|
||||||
- < v113
|
- '9.09'
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -44622,130 +44742,10 @@ software:
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
vendor_links:
|
vendor_links:
|
||||||
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
|
- https://portal.microfocus.com/s/article/KM000003243
|
||||||
notes: ''
|
notes: ''
|
||||||
references:
|
references:
|
||||||
- ''
|
- '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)'
|
||||||
last_updated: '2021-12-17T00:00:00'
|
|
||||||
- vendor: HP
|
|
||||||
product: Teradici EMSDK
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions:
|
|
||||||
- < 1.0.6
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-17T00:00:00'
|
|
||||||
- vendor: HP
|
|
||||||
product: Teradici Management Console
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions:
|
|
||||||
- < 21.10.3
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-17T00:00:00'
|
|
||||||
- vendor: HP
|
|
||||||
product: Teradici PCoIP Connection Manager
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions:
|
|
||||||
- < 21.03.6
|
|
||||||
- < 20.07.4
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-17T00:00:00'
|
|
||||||
- vendor: HP
|
|
||||||
product: Teradici PCoIP License Server
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-17T00:00:00'
|
last_updated: '2021-12-17T00:00:00'
|
||||||
- vendor: Huawei
|
- vendor: Huawei
|
||||||
product: ''
|
product: ''
|
||||||
|
|
@ -59063,6 +59063,65 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:54+00:00'
|
last_updated: '2022-01-12T07:18:54+00:00'
|
||||||
|
- vendor: ManageEngine
|
||||||
|
product: AD SelfService Plus
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- Build 6.1 build 6114
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links: []
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-27T00:00:00'
|
||||||
|
- vendor: ManageEngine
|
||||||
|
product: Servicedesk Plus
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions:
|
||||||
|
- 11305 and below
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.manageengine.com/products/service-desk/security-response-plan.html
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-15T00:00:00'
|
||||||
- vendor: ManageEngine Zoho
|
- vendor: ManageEngine Zoho
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -59440,65 +59499,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-16T00:00:00'
|
last_updated: '2021-12-16T00:00:00'
|
||||||
- vendor: ManageEngine
|
|
||||||
product: AD SelfService Plus
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions:
|
|
||||||
- Build 6.1 build 6114
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links: []
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-27T00:00:00'
|
|
||||||
- vendor: ManageEngine
|
|
||||||
product: Servicedesk Plus
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions:
|
|
||||||
- 11305 and below
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.manageengine.com/products/service-desk/security-response-plan.html
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-15T00:00:00'
|
|
||||||
- vendor: MariaDB
|
- vendor: MariaDB
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -67919,6 +67919,66 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:55+00:00'
|
last_updated: '2022-01-12T07:18:55+00:00'
|
||||||
|
- vendor: Siemens
|
||||||
|
product: Affected Products
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
|
||||||
|
notes: 'Siemens requests: See pdf for the complete list of affected products,
|
||||||
|
CSAF for automated parsing of data'
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: Siemens
|
||||||
|
product: Affected Products
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf
|
||||||
|
notes: 'Siemens requests: See pdf for the complete list of affected products,
|
||||||
|
CSAF for automated parsing of data'
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-19T00:00:00'
|
||||||
- vendor: Siemens Energy
|
- vendor: Siemens Energy
|
||||||
product: Affected Products
|
product: Affected Products
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -69037,66 +69097,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: Siemens
|
|
||||||
product: Affected Products
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
|
|
||||||
notes: 'Siemens requests: See pdf for the complete list of affected products,
|
|
||||||
CSAF for automated parsing of data'
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-22T00:00:00'
|
|
||||||
- vendor: Siemens
|
|
||||||
product: Affected Products
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf
|
|
||||||
notes: 'Siemens requests: See pdf for the complete list of affected products,
|
|
||||||
CSAF for automated parsing of data'
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-19T00:00:00'
|
|
||||||
- vendor: Sierra Wireless
|
- vendor: Sierra Wireless
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -72077,35 +72077,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:55+00:00'
|
last_updated: '2022-01-12T07:18:55+00:00'
|
||||||
- vendor: Spring Boot
|
|
||||||
product: ''
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2022-01-12T07:18:55+00:00'
|
|
||||||
- vendor: Spring
|
- vendor: Spring
|
||||||
product: Spring Boot
|
product: Spring Boot
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -72136,6 +72107,35 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:55+00:00'
|
last_updated: '2022-01-12T07:18:55+00:00'
|
||||||
|
- vendor: Spring Boot
|
||||||
|
product: ''
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:55+00:00'
|
||||||
- vendor: StarDog
|
- vendor: StarDog
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
|
||||||
1132
data/cisagov_A.yml
1132
data/cisagov_A.yml
File diff suppressed because it is too large
Load diff
|
|
@ -33,35 +33,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-16T00:00:00'
|
last_updated: '2021-12-16T00:00:00'
|
||||||
- vendor: Baxter
|
|
||||||
product: ''
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-20T00:00:00'
|
|
||||||
- vendor: BackBox
|
- vendor: BackBox
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -207,8 +178,8 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:50+00:00'
|
last_updated: '2022-01-12T07:18:50+00:00'
|
||||||
- vendor: BBraun
|
- vendor: Baxter
|
||||||
product: Outlook® Safety Infusion System Pump family
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -231,43 +202,13 @@ software:
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
vendor_links:
|
vendor_links:
|
||||||
- https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf
|
- https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf
|
||||||
notes: ''
|
notes: ''
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-20T00:00:00'
|
last_updated: '2021-12-20T00:00:00'
|
||||||
- vendor: BBraun
|
- vendor: BBraun
|
||||||
product: Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor®
|
product: APEX® Compounder
|
||||||
Space® Infusion
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-20T00:00:00'
|
|
||||||
- vendor: BBraun
|
|
||||||
product: Pump, SpaceStation, and Space® Wireless Battery)
|
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -324,6 +265,35 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-20T00:00:00'
|
last_updated: '2021-12-20T00:00:00'
|
||||||
|
- vendor: BBraun
|
||||||
|
product: Outlook® Safety Infusion System Pump family
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-20T00:00:00'
|
||||||
- vendor: BBraun
|
- vendor: BBraun
|
||||||
product: Pinnacle® Compounder
|
product: Pinnacle® Compounder
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -354,7 +324,37 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-20T00:00:00'
|
last_updated: '2021-12-20T00:00:00'
|
||||||
- vendor: BBraun
|
- vendor: BBraun
|
||||||
product: APEX® Compounder
|
product: Pump, SpaceStation, and Space® Wireless Battery)
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-20T00:00:00'
|
||||||
|
- vendor: BBraun
|
||||||
|
product: Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor®
|
||||||
|
Space® Infusion
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -614,6 +614,35 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-20T00:00:00'
|
last_updated: '2021-12-20T00:00:00'
|
||||||
|
- vendor: BD
|
||||||
|
product: BD Knowledge Portal for BD Pyxis™ Supply
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-20T00:00:00'
|
||||||
- vendor: BD
|
- vendor: BD
|
||||||
product: BD Knowledge Portal for Infusion Technologies
|
product: BD Knowledge Portal for Infusion Technologies
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -672,35 +701,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-20T00:00:00'
|
last_updated: '2021-12-20T00:00:00'
|
||||||
- vendor: BD
|
|
||||||
product: BD Knowledge Portal for BD Pyxis™ Supply
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-20T00:00:00'
|
|
||||||
- vendor: BD
|
- vendor: BD
|
||||||
product: BD Synapsys™ Informatics Solution
|
product: BD Synapsys™ Informatics Solution
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -1049,35 +1049,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: BioMerieux
|
|
||||||
product: ''
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.biomerieux.com/en/cybersecurity-data-privacy
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-22T00:00:00'
|
|
||||||
- vendor: Bender
|
- vendor: Bender
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -1256,6 +1227,35 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:50+00:00'
|
last_updated: '2022-01-12T07:18:50+00:00'
|
||||||
|
- vendor: BioMerieux
|
||||||
|
product: ''
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.biomerieux.com/en/cybersecurity-data-privacy
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: BisectHosting
|
- vendor: BisectHosting
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -2590,35 +2590,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:50+00:00'
|
last_updated: '2022-01-12T07:18:50+00:00'
|
||||||
- vendor: Boston Scientific
|
|
||||||
product: ''
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-20T00:00:00'
|
|
||||||
- vendor: Bosch
|
- vendor: Bosch
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -2648,6 +2619,35 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: Boston Scientific
|
||||||
|
product: ''
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-20T00:00:00'
|
||||||
- vendor: Box
|
- vendor: Box
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
|
||||||
|
|
@ -120,6 +120,35 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: Canon
|
||||||
|
product: Alphenix (Angio Workstation)
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: Canon
|
- vendor: Canon
|
||||||
product: CT Medical Imaging Products
|
product: CT Medical Imaging Products
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -149,151 +178,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: Canon
|
|
||||||
product: MR Medical Imaging Products
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-22T00:00:00'
|
|
||||||
- vendor: Canon
|
|
||||||
product: UL Medical Imaging Products
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-22T00:00:00'
|
|
||||||
- vendor: Canon
|
|
||||||
product: XR Medical Imaging Products
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-22T00:00:00'
|
|
||||||
- vendor: Canon
|
|
||||||
product: NM Medical Imaging Products
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-22T00:00:00'
|
|
||||||
- vendor: Canon
|
|
||||||
product: Vitrea Advanced 7.x
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-22T00:00:00'
|
|
||||||
- vendor: Canon
|
- vendor: Canon
|
||||||
product: Infinix-i (Angio Workstation)
|
product: Infinix-i (Angio Workstation)
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -324,7 +208,123 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: Canon
|
- vendor: Canon
|
||||||
product: Alphenix (Angio Workstation)
|
product: MR Medical Imaging Products
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: Canon
|
||||||
|
product: NM Medical Imaging Products
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: Canon
|
||||||
|
product: UL Medical Imaging Products
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: Canon
|
||||||
|
product: Vitrea Advanced 7.x
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: Canon
|
||||||
|
product: XR Medical Imaging Products
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -996,93 +996,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:51+00:00'
|
last_updated: '2022-01-12T07:18:51+00:00'
|
||||||
- vendor: Cisco
|
|
||||||
product: Cisco Common Services Platform Collector
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2022-01-12T07:18:51+00:00'
|
|
||||||
- vendor: Cisco
|
|
||||||
product: Cisco Network Services Orchestrator (NSO)
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2022-01-12T07:18:51+00:00'
|
|
||||||
- vendor: Cisco
|
|
||||||
product: Cisco System Architecture Evolution Gateway (SAEGW)
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2022-01-12T07:18:51+00:00'
|
|
||||||
- vendor: Cisco
|
- vendor: Cisco
|
||||||
product: Cisco ACI Multi-Site Orchestrator
|
product: Cisco ACI Multi-Site Orchestrator
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -1489,6 +1402,35 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:51+00:00'
|
last_updated: '2022-01-12T07:18:51+00:00'
|
||||||
|
- vendor: Cisco
|
||||||
|
product: Cisco Common Services Platform Collector
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:51+00:00'
|
||||||
- vendor: Cisco
|
- vendor: Cisco
|
||||||
product: Cisco Computer Telephony Integration Object Server (CTIOS)
|
product: Cisco Computer Telephony Integration Object Server (CTIOS)
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -1866,34 +1808,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:51+00:00'
|
last_updated: '2022-01-12T07:18:51+00:00'
|
||||||
- vendor: Cisco
|
|
||||||
product: DUO network gateway (on-prem/self-hosted)
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links: []
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2022-01-12T07:18:51+00:00'
|
|
||||||
- vendor: Cisco
|
- vendor: Cisco
|
||||||
product: Cisco Elastic Services Controller (ESC)
|
product: Cisco Elastic Services Controller (ESC)
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -2736,6 +2650,35 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:51+00:00'
|
last_updated: '2022-01-12T07:18:51+00:00'
|
||||||
|
- vendor: Cisco
|
||||||
|
product: Cisco Network Services Orchestrator (NSO)
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:51+00:00'
|
||||||
- vendor: Cisco
|
- vendor: Cisco
|
||||||
product: Cisco Nexus 5500 Platform Switches
|
product: Cisco Nexus 5500 Platform Switches
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -3028,7 +2971,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:51+00:00'
|
last_updated: '2022-01-12T07:18:51+00:00'
|
||||||
- vendor: Cisco
|
- vendor: Cisco
|
||||||
product: Cisco Paging Server (InformaCast)
|
product: Cisco Paging Server
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -3057,7 +3000,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:51+00:00'
|
last_updated: '2022-01-12T07:18:51+00:00'
|
||||||
- vendor: Cisco
|
- vendor: Cisco
|
||||||
product: Cisco Paging Server
|
product: Cisco Paging Server (InformaCast)
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -3665,6 +3608,35 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:51+00:00'
|
last_updated: '2022-01-12T07:18:51+00:00'
|
||||||
|
- vendor: Cisco
|
||||||
|
product: Cisco System Architecture Evolution Gateway (SAEGW)
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:51+00:00'
|
||||||
- vendor: Cisco
|
- vendor: Cisco
|
||||||
product: Cisco TelePresence Management Suite
|
product: Cisco TelePresence Management Suite
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -3956,7 +3928,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:51+00:00'
|
last_updated: '2022-01-12T07:18:51+00:00'
|
||||||
- vendor: Cisco
|
- vendor: Cisco
|
||||||
product: Cisco Unified Contact Center Enterprise - Live Data server
|
product: Cisco Unified Contact Center Enterprise
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -3985,7 +3957,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:51+00:00'
|
last_updated: '2022-01-12T07:18:51+00:00'
|
||||||
- vendor: Cisco
|
- vendor: Cisco
|
||||||
product: Cisco Unified Contact Center Enterprise
|
product: Cisco Unified Contact Center Enterprise - Live Data server
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -4419,6 +4391,34 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:51+00:00'
|
last_updated: '2022-01-12T07:18:51+00:00'
|
||||||
|
- vendor: Cisco
|
||||||
|
product: DUO network gateway (on-prem/self-hosted)
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links: []
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:51+00:00'
|
||||||
- vendor: Cisco
|
- vendor: Cisco
|
||||||
product: duo network gateway (on-prem/self-hosted)
|
product: duo network gateway (on-prem/self-hosted)
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -4810,39 +4810,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: Citrix
|
|
||||||
product: ShareFile Storage Zones Controller
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://support.citrix.com/article/CTX335705
|
|
||||||
notes: Citrix continues to investigate any potential impact on Citrix-managed
|
|
||||||
cloud services. If, as the investigation continues, any Citrix-managed services
|
|
||||||
are found to be affected by this issue, Citrix will take immediate action to
|
|
||||||
remediate the problem. Customers using Citrix-managed cloud services do not
|
|
||||||
need to take any action.
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-21T00:00:00'
|
|
||||||
- vendor: Citrix
|
- vendor: Citrix
|
||||||
product: Citrix Virtual Apps and Desktops (XenApp & XenDesktop)
|
product: Citrix Virtual Apps and Desktops (XenApp & XenDesktop)
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -4913,6 +4880,39 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
|
- vendor: Citrix
|
||||||
|
product: ShareFile Storage Zones Controller
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://support.citrix.com/article/CTX335705
|
||||||
|
notes: Citrix continues to investigate any potential impact on Citrix-managed
|
||||||
|
cloud services. If, as the investigation continues, any Citrix-managed services
|
||||||
|
are found to be affected by this issue, Citrix will take immediate action to
|
||||||
|
remediate the problem. Customers using Citrix-managed cloud services do not
|
||||||
|
need to take any action.
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: Claris
|
- vendor: Claris
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -6163,7 +6163,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:51+00:00'
|
last_updated: '2022-01-12T07:18:51+00:00'
|
||||||
- vendor: Cloudera
|
- vendor: Cloudera
|
||||||
product: Workload XM (SaaS)
|
product: Workload XM
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -6171,8 +6171,9 @@ software:
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: false
|
investigated: true
|
||||||
affected_versions: []
|
affected_versions:
|
||||||
|
- All versions
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
@ -6192,7 +6193,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:51+00:00'
|
last_updated: '2022-01-12T07:18:51+00:00'
|
||||||
- vendor: Cloudera
|
- vendor: Cloudera
|
||||||
product: Workload XM
|
product: Workload XM (SaaS)
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -6200,9 +6201,8 @@ software:
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: false
|
||||||
affected_versions:
|
affected_versions: []
|
||||||
- All versions
|
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
@ -6663,7 +6663,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-17T00:00:00'
|
last_updated: '2021-12-17T00:00:00'
|
||||||
- vendor: Confluent
|
- vendor: Confluent
|
||||||
product: Confluent Platform
|
product: Confluent ElasticSearch Sink Connector
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -6673,7 +6673,7 @@ software:
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions:
|
affected_versions:
|
||||||
- <7.0.1
|
- <11.1.7
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
@ -6722,66 +6722,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-17T00:00:00'
|
last_updated: '2021-12-17T00:00:00'
|
||||||
- vendor: Confluent
|
|
||||||
product: Confluent Kafka Connectors
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions:
|
|
||||||
- N/A
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-17T00:00:00'
|
|
||||||
- vendor: Confluent
|
|
||||||
product: Confluent ElasticSearch Sink Connector
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions:
|
|
||||||
- <11.1.7
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-17T00:00:00'
|
|
||||||
- vendor: Confluent
|
- vendor: Confluent
|
||||||
product: Confluent Google DataProc Sink Connector
|
product: Confluent Google DataProc Sink Connector
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -6812,36 +6752,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-17T00:00:00'
|
last_updated: '2021-12-17T00:00:00'
|
||||||
- vendor: Confluent
|
|
||||||
product: Confluent Splunk Sink Connector
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions:
|
|
||||||
- <2.05
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-17T00:00:00'
|
|
||||||
- vendor: Confluent
|
- vendor: Confluent
|
||||||
product: Confluent HDFS 2 Sink Connector
|
product: Confluent HDFS 2 Sink Connector
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -6902,6 +6812,96 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-17T00:00:00'
|
last_updated: '2021-12-17T00:00:00'
|
||||||
|
- vendor: Confluent
|
||||||
|
product: Confluent Kafka Connectors
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- N/A
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-17T00:00:00'
|
||||||
|
- vendor: Confluent
|
||||||
|
product: Confluent Platform
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions:
|
||||||
|
- <7.0.1
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-17T00:00:00'
|
||||||
|
- vendor: Confluent
|
||||||
|
product: Confluent Splunk Sink Connector
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions:
|
||||||
|
- <2.05
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-17T00:00:00'
|
||||||
- vendor: Confluent
|
- vendor: Confluent
|
||||||
product: Confluent VMWare Tanzu GemFire Sink Connector
|
product: Confluent VMWare Tanzu GemFire Sink Connector
|
||||||
cves:
|
cves:
|
||||||
|
|
|
||||||
3856
data/cisagov_D.yml
3856
data/cisagov_D.yml
File diff suppressed because it is too large
Load diff
3648
data/cisagov_E.yml
3648
data/cisagov_E.yml
File diff suppressed because it is too large
Load diff
|
|
@ -242,128 +242,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:52+00:00'
|
last_updated: '2022-01-12T07:18:52+00:00'
|
||||||
- vendor: F5
|
|
||||||
product: Traffix SDC
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions:
|
|
||||||
- 5.x (5.2.0 CF1
|
|
||||||
- 5.1.0 CF-30 - 5.1.0 CF-33)
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://support.f5.com/csp/article/K19026212
|
|
||||||
notes: 'Vulnerable components: EMS-ELK components (Fluentd + Elastic Search +
|
|
||||||
Kibana), Element Management System'
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2022-01-12T07:18:52+00:00'
|
|
||||||
- vendor: F5
|
|
||||||
product: NGINX Plus
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions:
|
|
||||||
- R19 - R25
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://support.f5.com/csp/article/K19026212
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2022-01-12T07:18:52+00:00'
|
|
||||||
- vendor: F5
|
|
||||||
product: NGINX Open Source
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions:
|
|
||||||
- 1.x
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://support.f5.com/csp/article/K19026212
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2022-01-12T07:18:52+00:00'
|
|
||||||
- vendor: F5
|
|
||||||
product: NGINX Unit
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions:
|
|
||||||
- 1.x
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://support.f5.com/csp/article/K19026212
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2022-01-12T07:18:52+00:00'
|
|
||||||
- vendor: F5
|
- vendor: F5
|
||||||
product: NGINX App Protect
|
product: NGINX App Protect
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -484,6 +362,66 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:52+00:00'
|
last_updated: '2022-01-12T07:18:52+00:00'
|
||||||
|
- vendor: F5
|
||||||
|
product: NGINX Open Source
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- 1.x
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://support.f5.com/csp/article/K19026212
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:52+00:00'
|
||||||
|
- vendor: F5
|
||||||
|
product: NGINX Plus
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- R19 - R25
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://support.f5.com/csp/article/K19026212
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:52+00:00'
|
||||||
- vendor: F5
|
- vendor: F5
|
||||||
product: NGINX Service Mesh
|
product: NGINX Service Mesh
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -514,6 +452,68 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:52+00:00'
|
last_updated: '2022-01-12T07:18:52+00:00'
|
||||||
|
- vendor: F5
|
||||||
|
product: NGINX Unit
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- 1.x
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://support.f5.com/csp/article/K19026212
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:52+00:00'
|
||||||
|
- vendor: F5
|
||||||
|
product: Traffix SDC
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions:
|
||||||
|
- 5.x (5.2.0 CF1
|
||||||
|
- 5.1.0 CF-30 - 5.1.0 CF-33)
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://support.f5.com/csp/article/K19026212
|
||||||
|
notes: 'Vulnerable components: EMS-ELK components (Fluentd + Elastic Search +
|
||||||
|
Kibana), Element Management System'
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:52+00:00'
|
||||||
- vendor: FAST LTA
|
- vendor: FAST LTA
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
|
||||||
|
|
@ -64,6 +64,35 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: GE Gas Power
|
||||||
|
product: Asset Performance Management (APM)
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf
|
||||||
|
notes: GE verifying workaround.
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: GE Gas Power
|
- vendor: GE Gas Power
|
||||||
product: Baseline Security Center (BSC)
|
product: Baseline Security Center (BSC)
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -124,35 +153,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: GE Gas Power
|
|
||||||
product: Asset Performance Management (APM)
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf
|
|
||||||
notes: GE verifying workaround.
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-22T00:00:00'
|
|
||||||
- vendor: GE Gas Power
|
- vendor: GE Gas Power
|
||||||
product: Control Server
|
product: Control Server
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -536,7 +536,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:52+00:00'
|
last_updated: '2022-01-12T07:18:52+00:00'
|
||||||
- vendor: GoAnywhere
|
- vendor: GoAnywhere
|
||||||
product: MFT
|
product: Gateway
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -546,7 +546,7 @@ software:
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions:
|
affected_versions:
|
||||||
- < 6.8.6
|
- < 2.8.4
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
@ -566,7 +566,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-18T00:00:00'
|
last_updated: '2021-12-18T00:00:00'
|
||||||
- vendor: GoAnywhere
|
- vendor: GoAnywhere
|
||||||
product: Gateway
|
product: MFT
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -576,7 +576,7 @@ software:
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions:
|
affected_versions:
|
||||||
- < 2.8.4
|
- < 6.8.6
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
@ -679,10 +679,73 @@ software:
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
vendor_links:
|
vendor_links:
|
||||||
- https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html
|
- https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html
|
||||||
notes: Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability.
|
notes: Chrome Browser releases, infrastructure and admin console are not using
|
||||||
|
versions of Log4j affected by the vulnerability.
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-14'
|
last_updated: '2022-01-14'
|
||||||
|
- vendor: Google Cloud
|
||||||
|
product: Access Transparency
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://cloud.google.com/log4j2-security-advisory
|
||||||
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||||
|
in CVE-2021-44228 and CVE-2021-45046.
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-21T00:00:00'
|
||||||
|
- vendor: Google Cloud
|
||||||
|
product: Actifio
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://cloud.google.com/log4j2-security-advisory
|
||||||
|
notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and
|
||||||
|
has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com)
|
||||||
|
for the full statement and to obtain the hotfix (available to Actifio customers
|
||||||
|
only).
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: Google Cloud
|
- vendor: Google Cloud
|
||||||
product: AI Platform Data Labeling
|
product: AI Platform Data Labeling
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -773,68 +836,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: Google Cloud
|
|
||||||
product: Access Transparency
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://cloud.google.com/log4j2-security-advisory
|
|
||||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
||||||
in CVE-2021-44228 and CVE-2021-45046.
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-21T00:00:00'
|
|
||||||
- vendor: Google Cloud
|
|
||||||
product: Actifio
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://cloud.google.com/log4j2-security-advisory
|
|
||||||
notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and
|
|
||||||
has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com)
|
|
||||||
for the full statement and to obtain the hotfix (available to Actifio customers
|
|
||||||
only).
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-21T00:00:00'
|
|
||||||
- vendor: Google Cloud
|
- vendor: Google Cloud
|
||||||
product: Anthos
|
product: Anthos
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -988,6 +989,40 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
|
- vendor: Google Cloud
|
||||||
|
product: Anthos on VMWare
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://cloud.google.com/log4j2-security-advisory
|
||||||
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||||
|
in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check
|
||||||
|
VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds
|
||||||
|
to their VMware products as they become available. We also recommend customers
|
||||||
|
review their respective applications and workloads affected by the same vulnerabilities
|
||||||
|
and apply appropriate patches.
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: Google Cloud
|
- vendor: Google Cloud
|
||||||
product: Anthos Premium Software
|
product: Anthos Premium Software
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -1048,40 +1083,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: Google Cloud
|
|
||||||
product: Anthos on VMWare
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://cloud.google.com/log4j2-security-advisory
|
|
||||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
||||||
in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check
|
|
||||||
VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds
|
|
||||||
to their VMware products as they become available. We also recommend customers
|
|
||||||
review their respective applications and workloads affected by the same vulnerabilities
|
|
||||||
and apply appropriate patches.
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-21T00:00:00'
|
|
||||||
- vendor: Google Cloud
|
- vendor: Google Cloud
|
||||||
product: Apigee
|
product: Apigee
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -1792,36 +1793,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: Google Cloud
|
|
||||||
product: Cloud DNS
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://cloud.google.com/log4j2-security-advisory
|
|
||||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
||||||
in CVE-2021-44228 and CVE-2021-45046.
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-20T00:00:00'
|
|
||||||
- vendor: Google Cloud
|
- vendor: Google Cloud
|
||||||
product: Cloud Data Loss Prevention
|
product: Cloud Data Loss Prevention
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -1912,6 +1883,36 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
|
- vendor: Google Cloud
|
||||||
|
product: Cloud DNS
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://cloud.google.com/log4j2-security-advisory
|
||||||
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||||
|
in CVE-2021-44228 and CVE-2021-45046.
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-20T00:00:00'
|
||||||
- vendor: Google Cloud
|
- vendor: Google Cloud
|
||||||
product: Cloud Endpoints
|
product: Cloud Endpoints
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -2036,7 +2037,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: Google Cloud
|
- vendor: Google Cloud
|
||||||
product: Cloud Intrusion Detection System (IDS)
|
product: Cloud Interconnect
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -2066,7 +2067,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: Google Cloud
|
- vendor: Google Cloud
|
||||||
product: Cloud Interconnect
|
product: Cloud Intrusion Detection System (IDS)
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -2185,36 +2186,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: Google Cloud
|
|
||||||
product: Cloud Network Address Translation (NAT)
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://cloud.google.com/log4j2-security-advisory
|
|
||||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
||||||
in CVE-2021-44228 and CVE-2021-45046.
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-20T00:00:00'
|
|
||||||
- vendor: Google Cloud
|
- vendor: Google Cloud
|
||||||
product: Cloud Natural Language API
|
product: Cloud Natural Language API
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -2245,6 +2216,36 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
|
- vendor: Google Cloud
|
||||||
|
product: Cloud Network Address Translation (NAT)
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://cloud.google.com/log4j2-security-advisory
|
||||||
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||||
|
in CVE-2021-44228 and CVE-2021-45046.
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-20T00:00:00'
|
||||||
- vendor: Google Cloud
|
- vendor: Google Cloud
|
||||||
product: Cloud Profiler
|
product: Cloud Profiler
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -2372,7 +2373,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: Google Cloud
|
- vendor: Google Cloud
|
||||||
product: Cloud SDK
|
product: Cloud Scheduler
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -2402,37 +2403,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: Google Cloud
|
- vendor: Google Cloud
|
||||||
product: Cloud SQL
|
product: Cloud SDK
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://cloud.google.com/log4j2-security-advisory
|
|
||||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
||||||
in CVE-2021-44228 and CVE-2021-45046.
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-19T00:00:00'
|
|
||||||
- vendor: Google Cloud
|
|
||||||
product: Cloud Scheduler
|
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -2554,6 +2525,36 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-19T00:00:00'
|
last_updated: '2021-12-19T00:00:00'
|
||||||
|
- vendor: Google Cloud
|
||||||
|
product: Cloud SQL
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://cloud.google.com/log4j2-security-advisory
|
||||||
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||||
|
in CVE-2021-44228 and CVE-2021-45046.
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-19T00:00:00'
|
||||||
- vendor: Google Cloud
|
- vendor: Google Cloud
|
||||||
product: Cloud Storage
|
product: Cloud Storage
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -2704,36 +2705,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: Google Cloud
|
|
||||||
product: Cloud VPN
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://cloud.google.com/log4j2-security-advisory
|
|
||||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
|
||||||
in CVE-2021-44228 and CVE-2021-45046.
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-20T00:00:00'
|
|
||||||
- vendor: Google Cloud
|
- vendor: Google Cloud
|
||||||
product: Cloud Vision
|
product: Cloud Vision
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -2794,6 +2765,36 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
|
- vendor: Google Cloud
|
||||||
|
product: Cloud VPN
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://cloud.google.com/log4j2-security-advisory
|
||||||
|
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||||
|
in CVE-2021-44228 and CVE-2021-45046.
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-20T00:00:00'
|
||||||
- vendor: Google Cloud
|
- vendor: Google Cloud
|
||||||
product: CompilerWorks
|
product: CompilerWorks
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -4865,66 +4866,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:53+00:00'
|
last_updated: '2022-01-12T07:18:53+00:00'
|
||||||
- vendor: Gravitee
|
|
||||||
product: API Management
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions:
|
|
||||||
- 3.10.x
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2022-01-12T07:18:53+00:00'
|
|
||||||
- vendor: Gravitee
|
|
||||||
product: API Management
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions:
|
|
||||||
- 3.5.x
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2022-01-12T07:18:53+00:00'
|
|
||||||
- vendor: Gravitee
|
- vendor: Gravitee
|
||||||
product: Alert Engine
|
product: Alert Engine
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -4985,6 +4926,66 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:53+00:00'
|
last_updated: '2022-01-12T07:18:53+00:00'
|
||||||
|
- vendor: Gravitee
|
||||||
|
product: API Management
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- 3.10.x
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:53+00:00'
|
||||||
|
- vendor: Gravitee
|
||||||
|
product: API Management
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- 3.5.x
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:53+00:00'
|
||||||
- vendor: Gravitee
|
- vendor: Gravitee
|
||||||
product: Cockpit
|
product: Cockpit
|
||||||
cves:
|
cves:
|
||||||
|
|
|
||||||
1436
data/cisagov_H.yml
1436
data/cisagov_H.yml
File diff suppressed because it is too large
Load diff
1394
data/cisagov_I.yml
1394
data/cisagov_I.yml
File diff suppressed because it is too large
Load diff
1700
data/cisagov_J.yml
1700
data/cisagov_J.yml
File diff suppressed because it is too large
Load diff
|
|
@ -613,35 +613,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: Leica BIOSYSTEMS
|
|
||||||
product: BOND-ADVANCE
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.leicabiosystems.com/about/product-security/
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-21T00:00:00'
|
|
||||||
- vendor: Leica BIOSYSTEMS
|
- vendor: Leica BIOSYSTEMS
|
||||||
product: BOND Controller
|
product: BOND Controller
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -671,64 +642,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: Leica BIOSYSTEMS
|
|
||||||
product: BOND-III
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.leicabiosystems.com/about/product-security/
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-21T00:00:00'
|
|
||||||
- vendor: Leica BIOSYSTEMS
|
|
||||||
product: BOND-MAX
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.leicabiosystems.com/about/product-security/
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-21T00:00:00'
|
|
||||||
- vendor: Leica BIOSYSTEMS
|
- vendor: Leica BIOSYSTEMS
|
||||||
product: BOND RX
|
product: BOND RX
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -787,6 +700,93 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
|
- vendor: Leica BIOSYSTEMS
|
||||||
|
product: BOND-ADVANCE
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.leicabiosystems.com/about/product-security/
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-21T00:00:00'
|
||||||
|
- vendor: Leica BIOSYSTEMS
|
||||||
|
product: BOND-III
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.leicabiosystems.com/about/product-security/
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-21T00:00:00'
|
||||||
|
- vendor: Leica BIOSYSTEMS
|
||||||
|
product: BOND-MAX
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.leicabiosystems.com/about/product-security/
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: Leica BIOSYSTEMS
|
- vendor: Leica BIOSYSTEMS
|
||||||
product: CEREBRO
|
product: CEREBRO
|
||||||
cves:
|
cves:
|
||||||
|
|
|
||||||
|
|
@ -62,6 +62,35 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:54+00:00'
|
last_updated: '2022-01-12T07:18:54+00:00'
|
||||||
|
- vendor: ManageEngine
|
||||||
|
product: AD SelfService Plus
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- Build 6.1 build 6114
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links: []
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-27T00:00:00'
|
||||||
- vendor: ManageEngine
|
- vendor: ManageEngine
|
||||||
product: Servicedesk Plus
|
product: Servicedesk Plus
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -73,7 +102,7 @@ software:
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions:
|
affected_versions:
|
||||||
- '11305 and below'
|
- 11305 and below
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
@ -92,35 +121,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-15T00:00:00'
|
last_updated: '2021-12-15T00:00:00'
|
||||||
- vendor: ManageEngine
|
|
||||||
product: AD SelfService Plus
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions:
|
|
||||||
- 'Build 6.1 build 6114'
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links: []
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-27T00:00:00'
|
|
||||||
- vendor: ManageEngine Zoho
|
- vendor: ManageEngine Zoho
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -150,6 +150,35 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:54+00:00'
|
last_updated: '2022-01-12T07:18:54+00:00'
|
||||||
|
- vendor: ManageEngine Zoho
|
||||||
|
product: ADAudit Plus
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-16T00:00:00'
|
||||||
- vendor: ManageEngine Zoho
|
- vendor: ManageEngine Zoho
|
||||||
product: ADManager Plus
|
product: ADManager Plus
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -180,7 +209,36 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-16T00:00:00'
|
last_updated: '2021-12-16T00:00:00'
|
||||||
- vendor: ManageEngine Zoho
|
- vendor: ManageEngine Zoho
|
||||||
product: ADAudit Plus
|
product: Analytics Plus
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-16T00:00:00'
|
||||||
|
- vendor: ManageEngine Zoho
|
||||||
|
product: Cloud Security Plus
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -266,64 +324,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-16T00:00:00'
|
last_updated: '2021-12-16T00:00:00'
|
||||||
- vendor: ManageEngine Zoho
|
|
||||||
product: M365 Manager Plus
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-16T00:00:00'
|
|
||||||
- vendor: ManageEngine Zoho
|
|
||||||
product: RecoveryManager Plus
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-16T00:00:00'
|
|
||||||
- vendor: ManageEngine Zoho
|
- vendor: ManageEngine Zoho
|
||||||
product: Exchange Reporter Plus
|
product: Exchange Reporter Plus
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -412,7 +412,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-16T00:00:00'
|
last_updated: '2021-12-16T00:00:00'
|
||||||
- vendor: ManageEngine Zoho
|
- vendor: ManageEngine Zoho
|
||||||
product: Cloud Security Plus
|
product: M365 Manager Plus
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -470,7 +470,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-16T00:00:00'
|
last_updated: '2021-12-16T00:00:00'
|
||||||
- vendor: ManageEngine Zoho
|
- vendor: ManageEngine Zoho
|
||||||
product: Analytics Plus
|
product: RecoveryManager Plus
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -569,7 +569,7 @@ software:
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions:
|
unaffected_versions:
|
||||||
- 'All'
|
- All
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: false
|
investigated: false
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
|
|
@ -598,7 +598,7 @@ software:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions:
|
fixed_versions:
|
||||||
- '1.59.10+'
|
- 1.59.10+
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -927,7 +927,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-20T00:00:00'
|
last_updated: '2021-12-20T00:00:00'
|
||||||
- vendor: McAfee
|
- vendor: McAfee
|
||||||
product: ePolicy Orchestrator Application Server (ePO)
|
product: Enterprise Security Manager (ESM)
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -938,7 +938,7 @@ software:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions:
|
fixed_versions:
|
||||||
- '5.10 CU11'
|
- 11.5.3
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -984,6 +984,36 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-20T00:00:00'
|
last_updated: '2021-12-20T00:00:00'
|
||||||
|
- vendor: McAfee
|
||||||
|
product: ePolicy Orchestrator Application Server (ePO)
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions:
|
||||||
|
- 5.10 CU11
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://kc.mcafee.com/agent/index?page=content&id=SB10377
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-20T00:00:00'
|
||||||
- vendor: McAfee
|
- vendor: McAfee
|
||||||
product: Host Intrusion Prevention (Host IPS)
|
product: Host Intrusion Prevention (Host IPS)
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -1264,34 +1294,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-20T00:00:00'
|
last_updated: '2021-12-20T00:00:00'
|
||||||
- vendor: McAfee
|
|
||||||
product: McAfee Security for Microsoft SharePoint (MSMS)
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links: []
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-20T00:00:00'
|
|
||||||
- vendor: McAfee
|
- vendor: McAfee
|
||||||
product: McAfee Security for Microsoft Exchange (MSME)
|
product: McAfee Security for Microsoft Exchange (MSME)
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -1321,7 +1323,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-20T00:00:00'
|
last_updated: '2021-12-20T00:00:00'
|
||||||
- vendor: McAfee
|
- vendor: McAfee
|
||||||
product: Enterprise Security Manager (ESM)
|
product: McAfee Security for Microsoft SharePoint (MSMS)
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -1329,10 +1331,9 @@ software:
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: false
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions:
|
fixed_versions: []
|
||||||
- '11.5.3'
|
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -1344,8 +1345,7 @@ software:
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
vendor_links:
|
vendor_links: []
|
||||||
- https://kc.mcafee.com/agent/index?page=content&id=SB10377
|
|
||||||
notes: ''
|
notes: ''
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
|
|
@ -1637,8 +1637,8 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:54+00:00'
|
last_updated: '2022-01-12T07:18:54+00:00'
|
||||||
- vendor: Microsoft
|
- vendor: Micro Focus
|
||||||
product: Azure Application Gateway
|
product: Data Protector
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -1646,9 +1646,19 @@ software:
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: false
|
investigated: true
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions: []
|
fixed_versions:
|
||||||
|
- '10.20'
|
||||||
|
- '10.30'
|
||||||
|
- '10.40'
|
||||||
|
- '10.50'
|
||||||
|
- '10.60'
|
||||||
|
- '10.70'
|
||||||
|
- '10.80'
|
||||||
|
- '10.90'
|
||||||
|
- '10.91'
|
||||||
|
- '11.00'
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -1661,11 +1671,11 @@ software:
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
vendor_links:
|
vendor_links:
|
||||||
- https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
|
- https://portal.microfocus.com/s/article/KM000003052
|
||||||
notes: ''
|
notes: ''
|
||||||
references:
|
references:
|
||||||
- ''
|
- '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)'
|
||||||
last_updated: '2022-01-12T07:18:54+00:00'
|
last_updated: '2021-12-13T00:00:00'
|
||||||
- vendor: Microsoft
|
- vendor: Microsoft
|
||||||
product: Azure API Gateway
|
product: Azure API Gateway
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -1695,6 +1705,35 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:54+00:00'
|
last_updated: '2022-01-12T07:18:54+00:00'
|
||||||
|
- vendor: Microsoft
|
||||||
|
product: Azure Application Gateway
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:54+00:00'
|
||||||
- vendor: Microsoft
|
- vendor: Microsoft
|
||||||
product: Azure Data lake store java
|
product: Azure Data lake store java
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -1706,7 +1745,7 @@ software:
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions:
|
affected_versions:
|
||||||
- '< 2.3.10'
|
- < 2.3.10
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
@ -1736,7 +1775,7 @@ software:
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions:
|
affected_versions:
|
||||||
- '< 2.3.10'
|
- < 2.3.10
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
@ -1756,7 +1795,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:54+00:00'
|
last_updated: '2022-01-12T07:18:54+00:00'
|
||||||
- vendor: Microsoft
|
- vendor: Microsoft
|
||||||
product: Azure DevOps Server
|
product: Azure DevOps
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -1764,9 +1803,8 @@ software:
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: false
|
||||||
affected_versions:
|
affected_versions: []
|
||||||
- '2019.0 - 2020.1'
|
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
@ -1786,7 +1824,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:54+00:00'
|
last_updated: '2022-01-12T07:18:54+00:00'
|
||||||
- vendor: Microsoft
|
- vendor: Microsoft
|
||||||
product: Azure DevOps
|
product: Azure DevOps Server
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -1794,8 +1832,9 @@ software:
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: false
|
investigated: true
|
||||||
affected_versions: []
|
affected_versions:
|
||||||
|
- 2019.0 - 2020.1
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
@ -1854,7 +1893,7 @@ software:
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions:
|
affected_versions:
|
||||||
- '2018.2+'
|
- 2018.2+
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
@ -1902,45 +1941,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:54+00:00'
|
last_updated: '2022-01-12T07:18:54+00:00'
|
||||||
- vendor: Micro Focus
|
|
||||||
product: Data Protector
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions:
|
|
||||||
- '10.20'
|
|
||||||
- '10.30'
|
|
||||||
- '10.40'
|
|
||||||
- '10.50'
|
|
||||||
- '10.60'
|
|
||||||
- '10.70'
|
|
||||||
- '10.80'
|
|
||||||
- '10.90'
|
|
||||||
- '10.91'
|
|
||||||
- '11.00'
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://portal.microfocus.com/s/article/KM000003052
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)'
|
|
||||||
last_updated: '2021-12-13T00:00:00'
|
|
||||||
- vendor: Midori Global
|
- vendor: Midori Global
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -2538,7 +2538,7 @@ software:
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions:
|
unaffected_versions:
|
||||||
- 'All'
|
- All
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: ''
|
investigated: ''
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
|
|
@ -2551,7 +2551,9 @@ software:
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
vendor_links:
|
vendor_links:
|
||||||
- https://www.moxa.com/en/support/product-support/security-advisory/moxa-s-response-regarding-the-apache-log4j-vulnerability
|
- https://www.moxa.com/en/support/product-support/security-advisory/moxa-s-response-regarding-the-apache-log4j-vulnerability
|
||||||
notes: Moxa is investigating to determine if any of our products are affected by this vulnerability. At the time of publication, none of Moxa's products are affected.
|
notes: Moxa is investigating to determine if any of our products are affected
|
||||||
|
by this vulnerability. At the time of publication, none of Moxa's products are
|
||||||
|
affected.
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-19T00:00:00'
|
last_updated: '2022-01-19T00:00:00'
|
||||||
|
|
@ -2586,7 +2588,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:54+00:00'
|
last_updated: '2022-01-12T07:18:54+00:00'
|
||||||
- vendor: Mulesoft
|
- vendor: Mulesoft
|
||||||
product: Mule Runtime
|
product: Anypoint Studio
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -2596,39 +2598,7 @@ software:
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions:
|
affected_versions:
|
||||||
- '3.x'
|
- 7.x
|
||||||
- '4.x'
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021
|
|
||||||
notes: This advisory is available to account holders only and has not been reviewed
|
|
||||||
by CISA.
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-15T00:00:00'
|
|
||||||
- vendor: Mulesoft
|
|
||||||
product: Mule Agent
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions:
|
|
||||||
- '6.x'
|
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
@ -2679,7 +2649,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-15T00:00:00'
|
last_updated: '2021-12-15T00:00:00'
|
||||||
- vendor: Mulesoft
|
- vendor: Mulesoft
|
||||||
product: Anypoint Studio
|
product: Mule Agent
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -2689,7 +2659,39 @@ software:
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions:
|
affected_versions:
|
||||||
- '7.x'
|
- 6.x
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021
|
||||||
|
notes: This advisory is available to account holders only and has not been reviewed
|
||||||
|
by CISA.
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-15T00:00:00'
|
||||||
|
- vendor: Mulesoft
|
||||||
|
product: Mule Runtime
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions:
|
||||||
|
- 3.x
|
||||||
|
- 4.x
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
|
||||||
|
|
@ -102,9 +102,9 @@ software:
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions:
|
affected_versions:
|
||||||
- 'Vertica'
|
- Vertica
|
||||||
- 'Cloudera'
|
- Cloudera
|
||||||
- 'Logstash'
|
- Logstash
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
@ -136,7 +136,7 @@ software:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions:
|
affected_versions:
|
||||||
- '>4.2'
|
- '>4.2'
|
||||||
- '<4..2.12'
|
- <4..2.12
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
@ -282,7 +282,7 @@ software:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions:
|
fixed_versions:
|
||||||
- '3.0.57'
|
- 3.0.57
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -312,7 +312,7 @@ software:
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions:
|
affected_versions:
|
||||||
- '<7.4.3'
|
- <7.4.3
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
@ -374,7 +374,7 @@ software:
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions:
|
unaffected_versions:
|
||||||
- '21.04.0.5552'
|
- 21.04.0.5552
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: false
|
investigated: false
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
|
|
@ -1342,35 +1342,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-20T00:00:00'
|
last_updated: '2021-12-20T00:00:00'
|
||||||
- vendor: Nutanix
|
|
||||||
product: Leap
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
|
|
||||||
notes: Saas-Based Procuct. See Advisory.
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-20T00:00:00'
|
|
||||||
- vendor: Nutanix
|
- vendor: Nutanix
|
||||||
product: LCM
|
product: LCM
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -1401,6 +1372,35 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-20T00:00:00'
|
last_updated: '2021-12-20T00:00:00'
|
||||||
|
- vendor: Nutanix
|
||||||
|
product: Leap
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
|
||||||
|
notes: Saas-Based Procuct. See Advisory.
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-20T00:00:00'
|
||||||
- vendor: Nutanix
|
- vendor: Nutanix
|
||||||
product: Mine
|
product: Mine
|
||||||
cves:
|
cves:
|
||||||
|
|
|
||||||
|
|
@ -294,6 +294,36 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-12T00:00:00'
|
last_updated: '2021-12-12T00:00:00'
|
||||||
|
- vendor: Okta
|
||||||
|
product: Okta On-Prem MFA Agent
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions:
|
||||||
|
- < 1.4.6
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-12T00:00:00'
|
||||||
- vendor: Okta
|
- vendor: Okta
|
||||||
product: Okta RADIUS Server Agent
|
product: Okta RADIUS Server Agent
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -382,36 +412,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-12T00:00:00'
|
last_updated: '2021-12-12T00:00:00'
|
||||||
- vendor: Okta
|
|
||||||
product: Okta On-Prem MFA Agent
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions:
|
|
||||||
- < 1.4.6
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-12T00:00:00'
|
|
||||||
- vendor: Onespan
|
- vendor: Onespan
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -586,37 +586,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-23T00:00:00'
|
last_updated: '2021-12-23T00:00:00'
|
||||||
- vendor: Opto 22
|
|
||||||
product: GRV-EPIC-PR1, GRV-EPIC-PR2
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions:
|
|
||||||
- < 3.3.2
|
|
||||||
fixed_versions:
|
|
||||||
- 3.3.2
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit
|
|
||||||
notes: The Log4j vulnerability affects all products running groov View software
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2022-01-13T00:00:00'
|
|
||||||
- vendor: Opto 22
|
- vendor: Opto 22
|
||||||
product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP
|
product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -710,6 +679,37 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-13T00:00:00'
|
last_updated: '2022-01-13T00:00:00'
|
||||||
|
- vendor: Opto 22
|
||||||
|
product: GRV-EPIC-PR1, GRV-EPIC-PR2
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions:
|
||||||
|
- < 3.3.2
|
||||||
|
fixed_versions:
|
||||||
|
- 3.3.2
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit
|
||||||
|
notes: The Log4j vulnerability affects all products running groov View software
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-13T00:00:00'
|
||||||
- vendor: Oracle
|
- vendor: Oracle
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -741,7 +741,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-17T00:00:00'
|
last_updated: '2021-12-17T00:00:00'
|
||||||
- vendor: Oracle
|
- vendor: Oracle
|
||||||
product: Exadata
|
product: Enterprise Manager
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -751,7 +751,8 @@ software:
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions:
|
affected_versions:
|
||||||
- <21.3.4
|
- '13.5'
|
||||||
|
- 13.4 & 13.3.2
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
@ -773,7 +774,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-17T00:00:00'
|
last_updated: '2021-12-17T00:00:00'
|
||||||
- vendor: Oracle
|
- vendor: Oracle
|
||||||
product: Enterprise Manager
|
product: Exadata
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -783,8 +784,7 @@ software:
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions:
|
affected_versions:
|
||||||
- '13.5'
|
- <21.3.4
|
||||||
- 13.4 & 13.3.2
|
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
|
||||||
|
|
@ -62,36 +62,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:55+00:00'
|
last_updated: '2022-01-12T07:18:55+00:00'
|
||||||
- vendor: QMATIC
|
|
||||||
product: Orchestra Central
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions:
|
|
||||||
- 6.0+
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-21T00:00:00'
|
|
||||||
- vendor: QMATIC
|
- vendor: QMATIC
|
||||||
product: Appointment Booking
|
product: Appointment Booking
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -122,6 +92,36 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
|
- vendor: QMATIC
|
||||||
|
product: Appointment Booking
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions:
|
||||||
|
- Cloud/Managed Service
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
|
||||||
|
notes: log4j 2.16 applied 2021-12-15
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: QMATIC
|
- vendor: QMATIC
|
||||||
product: Insights
|
product: Insights
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -153,7 +153,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
- vendor: QMATIC
|
- vendor: QMATIC
|
||||||
product: Appointment Booking
|
product: Orchestra Central
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -162,10 +162,10 @@ software:
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions:
|
affected_versions: []
|
||||||
- Cloud/Managed Service
|
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions:
|
||||||
|
- 6.0+
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: false
|
investigated: false
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
|
|
@ -178,7 +178,7 @@ software:
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
vendor_links:
|
vendor_links:
|
||||||
- https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
|
- https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
|
||||||
notes: log4j 2.16 applied 2021-12-15
|
notes: ''
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-21T00:00:00'
|
last_updated: '2021-12-21T00:00:00'
|
||||||
|
|
|
||||||
4046
data/cisagov_S.yml
4046
data/cisagov_S.yml
File diff suppressed because it is too large
Load diff
1503
data/cisagov_T.yml
1503
data/cisagov_T.yml
File diff suppressed because it is too large
Load diff
|
|
@ -94,6 +94,36 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:56+00:00'
|
last_updated: '2022-01-12T07:18:56+00:00'
|
||||||
|
- vendor: UiPath
|
||||||
|
product: InSights
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions:
|
||||||
|
- '20.10'
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.uipath.com/legal/trust-and-security/cve-2021-44228
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-15T00:00:00'
|
||||||
- vendor: Umbraco
|
- vendor: Umbraco
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -210,36 +240,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:56+00:00'
|
last_updated: '2022-01-12T07:18:56+00:00'
|
||||||
- vendor: UiPath
|
|
||||||
product: InSights
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions:
|
|
||||||
- '20.10'
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.uipath.com/legal/trust-and-security/cve-2021-44228
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-15T00:00:00'
|
|
||||||
- vendor: USSIGNAL MSP
|
- vendor: USSIGNAL MSP
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
|
||||||
|
|
@ -4,35 +4,6 @@ owners:
|
||||||
- name: cisagov
|
- name: cisagov
|
||||||
url: https://github.com/cisagov/log4j-affected-db
|
url: https://github.com/cisagov/log4j-affected-db
|
||||||
software:
|
software:
|
||||||
- vendor: VArmour
|
|
||||||
product: ''
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2022-01-12T07:18:56+00:00'
|
|
||||||
- vendor: Varian
|
- vendor: Varian
|
||||||
product: Acuity
|
product: Acuity
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -63,36 +34,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: Varian
|
|
||||||
product: DITC
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions:
|
|
||||||
- All
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-22T00:00:00'
|
|
||||||
- vendor: Varian
|
- vendor: Varian
|
||||||
product: ARIA Connect (Cloverleaf)
|
product: ARIA Connect (Cloverleaf)
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -123,96 +64,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: Varian
|
|
||||||
product: ARIA oncology information system for Medical Oncology
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions:
|
|
||||||
- All
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-22T00:00:00'
|
|
||||||
- vendor: Varian
|
|
||||||
product: XMediusFax for ARIA oncology information system for Medical Oncology
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions:
|
|
||||||
- All
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-22T00:00:00'
|
|
||||||
- vendor: Varian
|
|
||||||
product: ARIA oncology information system for Radiation Oncology
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions:
|
|
||||||
- All
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-22T00:00:00'
|
|
||||||
- vendor: Varian
|
- vendor: Varian
|
||||||
product: ARIA eDOC
|
product: ARIA eDOC
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -244,7 +95,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: Varian
|
- vendor: Varian
|
||||||
product: XMediusFax for ARIA oncology information system for Radiation Oncology
|
product: ARIA oncology information system for Medical Oncology
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -252,11 +103,41 @@ software:
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: false
|
investigated: true
|
||||||
affected_versions:
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
- All
|
- All
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: Varian
|
||||||
|
product: ARIA oncology information system for Radiation Oncology
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- All
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: false
|
investigated: false
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
|
|
@ -393,6 +274,36 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: Varian
|
||||||
|
product: DITC
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions:
|
||||||
|
- All
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: Varian
|
- vendor: Varian
|
||||||
product: DoseLab
|
product: DoseLab
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -573,6 +484,36 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: Varian
|
||||||
|
product: ICAP
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- All
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: Varian
|
- vendor: Varian
|
||||||
product: Identify
|
product: Identify
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -694,7 +635,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: Varian
|
- vendor: Varian
|
||||||
product: ICAP
|
product: Mobius3D platform
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -724,7 +665,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: Varian
|
- vendor: Varian
|
||||||
product: Mobius3D platform
|
product: PaaS
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -933,36 +874,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: Varian
|
|
||||||
product: PaaS
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions:
|
|
||||||
- All
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-22T00:00:00'
|
|
||||||
- vendor: Varian
|
- vendor: Varian
|
||||||
product: TrueBeam radiotherapy system
|
product: TrueBeam radiotherapy system
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -1234,6 +1145,95 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: Varian
|
||||||
|
product: XMediusFax for ARIA oncology information system for Medical Oncology
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions:
|
||||||
|
- All
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: Varian
|
||||||
|
product: XMediusFax for ARIA oncology information system for Radiation Oncology
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions:
|
||||||
|
- All
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: VArmour
|
||||||
|
product: ''
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:56+00:00'
|
||||||
- vendor: Varnish Software
|
- vendor: Varnish Software
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -1421,7 +1421,7 @@ software:
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions:
|
unaffected_versions:
|
||||||
- 'All'
|
- All
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: ''
|
investigated: ''
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
|
|
@ -1678,6 +1678,71 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-12T00:00:00'
|
last_updated: '2021-12-12T00:00:00'
|
||||||
|
- vendor: VMware
|
||||||
|
product: vCenter Server - OVA
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions:
|
||||||
|
- 7.x
|
||||||
|
- 6.7.x
|
||||||
|
- 6.5.x
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
|
||||||
|
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
|
||||||
|
)'
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-17T00:00:00'
|
||||||
|
- vendor: VMware
|
||||||
|
product: vCenter Server - Windows
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions:
|
||||||
|
- 6.7.x
|
||||||
|
- 6.5.x
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
|
||||||
|
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
|
||||||
|
)'
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-17T00:00:00'
|
||||||
- vendor: VMware
|
- vendor: VMware
|
||||||
product: VMware Carbon Black Cloud Workload Appliance
|
product: VMware Carbon Black Cloud Workload Appliance
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -2291,71 +2356,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-12T00:00:00'
|
last_updated: '2021-12-12T00:00:00'
|
||||||
- vendor: VMware
|
|
||||||
product: vCenter Server - OVA
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions:
|
|
||||||
- 7.x
|
|
||||||
- 6.7.x
|
|
||||||
- 6.5.x
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
|
|
||||||
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
|
|
||||||
)'
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-17T00:00:00'
|
|
||||||
- vendor: VMware
|
|
||||||
product: vCenter Server - Windows
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions:
|
|
||||||
- 6.7.x
|
|
||||||
- 6.5.x
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
|
|
||||||
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
|
|
||||||
)'
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-17T00:00:00'
|
|
||||||
- vendor: VMware
|
- vendor: VMware
|
||||||
product: VMware vRealize Automation
|
product: VMware vRealize Automation
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -2614,7 +2614,7 @@ software:
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions:
|
unaffected_versions:
|
||||||
- 'All'
|
- All
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: ''
|
investigated: ''
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
|
|
|
||||||
|
|
@ -150,36 +150,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:56+00:00'
|
last_updated: '2022-01-12T07:18:56+00:00'
|
||||||
- vendor: WIBU Systems
|
|
||||||
product: CodeMeter Keyring for TIA Portal
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions:
|
|
||||||
- 1.30 and prior
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf
|
|
||||||
notes: Only the Password Manager is affected
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-22T00:00:00'
|
|
||||||
- vendor: WIBU Systems
|
- vendor: WIBU Systems
|
||||||
product: CodeMeter Cloud Lite
|
product: CodeMeter Cloud Lite
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -210,6 +180,36 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: WIBU Systems
|
||||||
|
product: CodeMeter Keyring for TIA Portal
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions:
|
||||||
|
- 1.30 and prior
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf
|
||||||
|
notes: Only the Password Manager is affected
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: WindRiver
|
- vendor: WindRiver
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
|
||||||
|
|
@ -236,6 +236,35 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: Xylem
|
||||||
|
product: Configuration change complete
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: Xylem
|
- vendor: Xylem
|
||||||
product: Sensus Analytics
|
product: Sensus Analytics
|
||||||
cves:
|
cves:
|
||||||
|
|
@ -411,7 +440,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: Xylem
|
- vendor: Xylem
|
||||||
product: Sensus RNI Saas
|
product: Sensus RNI On Prem
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -443,7 +472,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: Xylem
|
- vendor: Xylem
|
||||||
product: Sensus RNI On Prem
|
product: Sensus RNI Saas
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
@ -561,35 +590,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: Xylem
|
|
||||||
product: Configuration change complete
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
|
||||||
notes: ''
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-22T00:00:00'
|
|
||||||
- vendor: Xylem
|
- vendor: Xylem
|
||||||
product: Xylem Cloud
|
product: Xylem Cloud
|
||||||
cves:
|
cves:
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue