1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-22 00:20:47 +00:00

Update the software list

This commit is contained in:
cisagovbot 2022-01-24 22:27:28 +00:00
parent 1accb4541f
commit 1ac6221a21
23 changed files with 11546 additions and 11536 deletions

View file

@ -231,10 +231,10 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Beijer Electronics | WARP Engineering Studio | | | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | | Beijer Electronics | WARP Engineering Studio | | | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Bender | | | | Unknown | [link](https://www.bender.de/en/cert) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Bender | | | | Unknown | [link](https://www.bender.de/en/cert) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) | | | | Unknown | [link](https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) | | | | Unknown | [link](https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BeyondTrust Bomgar | | | | Unknown | [link](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BeyondTrust | Privilege Management Cloud | | Unknown | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | BeyondTrust | Privilege Management Cloud | | Unknown | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| BeyondTrust | Privilege Management Reporting in BeyondInsight | | 21.2 | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | BeyondTrust | Privilege Management Reporting in BeyondInsight | | 21.2 | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| BeyondTrust | Secure Remote Access appliances | | | Not Affected | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | BeyondTrust | Secure Remote Access appliances | | | Not Affected | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| BeyondTrust Bomgar | | | | Unknown | [link](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BioMerieux | | | | Unknown | [link](https://www.biomerieux.com/en/cybersecurity-data-privacy) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | | BioMerieux | | | | Unknown | [link](https://www.biomerieux.com/en/cybersecurity-data-privacy) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| BisectHosting | | | | Unknown | [link](https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | BisectHosting | | | | Unknown | [link](https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BitDefender | | | | Unknown | [link](https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | BitDefender | | | | Unknown | [link](https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@ -949,8 +949,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Elastic | Kibana | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Elastic | Kibana | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Logstash | <6.8.21, <7.16.1 | | Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Elastic | Logstash | <6.8.21, <7.16.1 | | Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Machine Learning | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Elastic | Machine Learning | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| ElasticSearch | all products | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Elastic | Swiftype | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Elastic | Swiftype | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| ElasticSearch | all products | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ellucian | Admin | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | Ellucian | Admin | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Banner Analytics | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | Ellucian | Banner Analytics | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Banner Document Management (includes Banner Document Retention) | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | Ellucian | Banner Document Management (includes Banner Document Retention) | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
@ -1180,6 +1180,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| GoAnywhere | MFT | < 6.8.6 | | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 | | GoAnywhere | MFT | < 6.8.6 | | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
| GoAnywhere | MFT Agents | < 1.6.5 | | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 | | GoAnywhere | MFT Agents | < 1.6.5 | | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
| GoCD | | | | Unknown | [link](https://www.gocd.org/2021/12/14/log4j-vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | GoCD | | | | Unknown | [link](https://www.gocd.org/2021/12/14/log4j-vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Google | Chrome | | | Not Affected | [link](https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html) | Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-14 |
| Google Cloud | Access Transparency | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | | Google Cloud | Access Transparency | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Actifio | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Actifio has identified limited exposure to the Log4j 2 vulnerability and has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com) for the full statement and to obtain the hotfix (available to Actifio customers only). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | | Google Cloud | Actifio | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Actifio has identified limited exposure to the Log4j 2 vulnerability and has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com) for the full statement and to obtain the hotfix (available to Actifio customers only). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | AI Platform Data Labeling | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | | Google Cloud | AI Platform Data Labeling | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
@ -1309,14 +1310,12 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Google Cloud | Virtual Private Cloud | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | | Google Cloud | Virtual Private Cloud | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Web Security Scanner | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | | Google Cloud | Web Security Scanner | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Workflows | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | | Google Cloud | Workflows | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google | Chrome | | | Not Affected | [link](https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html) | Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-14 |
| Gradle | Gradle | | | Unknown | [link](https://blog.gradle.org/log4j-vulnerability) | Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gradle | Gradle | | | Unknown | [link](https://blog.gradle.org/log4j-vulnerability) | Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gradle | Gradle Enterprise | < 2021.3.6 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gradle | Gradle Enterprise | < 2021.3.6 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gradle | Gradle Enterprise Build Cache Node | < 10.1 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gradle | Gradle Enterprise Build Cache Node | < 10.1 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gradle | Gradle Enterprise Test Distribution Agent | < 1.6.2 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gradle | Gradle Enterprise Test Distribution Agent | < 1.6.2 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Grafana | | | | Unknown | [link](https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Grafana | | | | Unknown | [link](https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Grandstream | | | | Unknown | [link](https://blog.grandstream.com/press-releases/grandstream-products-unaffected-by-log4j-vulnerability?hsLang=en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Grandstream | | | | Unknown | [link](https://blog.grandstream.com/press-releases/grandstream-products-unaffected-by-log4j-vulnerability?hsLang=en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee.io | | | | Unknown | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | Alert Engine | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gravitee | Alert Engine | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@ -1324,6 +1323,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | Cockpit | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gravitee | Cockpit | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee.io | | | | Unknown | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravwell | | | | Unknown | [link](https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gravwell | | | | Unknown | [link](https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Graylog | Graylog Server | All versions >= 1.2.0 and <= 4.2.2 | | Affected | [link](https://www.graylog.org/post/graylog-update-for-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Graylog | Graylog Server | All versions >= 1.2.0 and <= 4.2.2 | | Affected | [link](https://www.graylog.org/post/graylog-update-for-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| GreenShot | | | | Unknown | [link](https://greenshot.atlassian.net/browse/BUG-2871) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | GreenShot | | | | Unknown | [link](https://greenshot.atlassian.net/browse/BUG-2871) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@ -1396,7 +1396,11 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| HOLOGIC | Unifi Workspace | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | | HOLOGIC | Unifi Workspace | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | Windows Selenia Mammography System | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | | HOLOGIC | Windows Selenia Mammography System | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Honeywell | | | | Unknown | [link](https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Honeywell | | | | Unknown | [link](https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HPE/Micro Focus | Data Protector | | 9.09 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003243) | | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | HP | Teradici Cloud Access Controller | | < v113 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici EMSDK | | < 1.0.6 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici Management Console | | < 21.10.3 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici PCoIP Connection Manager | | < 21.03.6, < 20.07.4 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici PCoIP License Server | | | Unknown | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HPE | 3PAR StoreServ Arrays | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | 3PAR StoreServ Arrays | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | AirWave Management Platform | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | AirWave Management Platform | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Alletra 6000 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | Alletra 6000 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
@ -1526,11 +1530,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| HPE | Superdome Flex 280 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | Superdome Flex 280 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Superdome Flex Server | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | Superdome Flex Server | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | UAN (User Access Node) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | UAN (User Access Node) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HP | Teradici Cloud Access Controller | | < v113 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | HPE/Micro Focus | Data Protector | | 9.09 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003243) | | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici EMSDK | | < 1.0.6 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici Management Console | | < 21.10.3 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici PCoIP Connection Manager | | < 21.03.6, < 20.07.4 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici PCoIP License Server | | | Unknown | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Huawei | | | | Unknown | [link](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Huawei | | | | Unknown | [link](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Hubspot | | | | Unknown | [link](https://community.hubspot.com/t5/APIs-Integrations/Log4J-day-zero-exploit-CVE-2021-44228/td-p/541949) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Hubspot | | | | Unknown | [link](https://community.hubspot.com/t5/APIs-Integrations/Log4J-day-zero-exploit-CVE-2021-44228/td-p/541949) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| I-Net software | | | | Unknown | [link](https://faq.inetsoftware.de/t/statement-about-cve-2021-44228-log4j-vulnerability-concerning-i-net-software-products/269/3) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | I-Net software | | | | Unknown | [link](https://faq.inetsoftware.de/t/statement-about-cve-2021-44228-log4j-vulnerability-concerning-i-net-software-products/269/3) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@ -2019,6 +2019,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Lyrasis | Fedora Repository | | | Not Affected | [link](https://groups.google.com/g/fedora-tech/c/dQMQ5jaX8Xo) | Fedora Repository is unaffiliated with Fedora Linux. Uses logback and explicitly excludes log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 | | Lyrasis | Fedora Repository | | | Not Affected | [link](https://groups.google.com/g/fedora-tech/c/dQMQ5jaX8Xo) | Fedora Repository is unaffiliated with Fedora Linux. Uses logback and explicitly excludes log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| MailStore | | | | Unknown | [link](https://www.mailstore.com/en/blog/mailstore-affected-by-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | MailStore | | | | Unknown | [link](https://www.mailstore.com/en/blog/mailstore-affected-by-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Maltego | | | | Unknown | [link](https://www.maltego.com/blog/our-response-to-log4j-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Maltego | | | | Unknown | [link](https://www.maltego.com/blog/our-response-to-log4j-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ManageEngine | AD SelfService Plus | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 |
| ManageEngine | Servicedesk Plus | 11305 and below | | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| ManageEngine Zoho | | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | ManageEngine Zoho | | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ManageEngine Zoho | ADAudit Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | | ManageEngine Zoho | ADAudit Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | ADManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | | ManageEngine Zoho | ADManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
@ -2032,8 +2034,6 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| ManageEngine Zoho | M365 Manager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | | ManageEngine Zoho | M365 Manager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | M365 Security Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | | ManageEngine Zoho | M365 Security Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | RecoveryManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | | ManageEngine Zoho | RecoveryManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine | AD SelfService Plus | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 |
| ManageEngine | Servicedesk Plus | 11305 and below | | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| MariaDB | | | | Unknown | [link](https://mariadb.com/resources/blog/log4shell-and-mariadb-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | MariaDB | | | | Unknown | [link](https://mariadb.com/resources/blog/log4shell-and-mariadb-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| MathWorks | All MathWorks general release desktop or server products | | | Not Affected | [link](https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 | | MathWorks | All MathWorks general release desktop or server products | | | Not Affected | [link](https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| MathWorks | MATLAB | | | Not Affected | [link](https://www.mathworks.com/content/dam/mathworks/policies/mathworks-response-to-cve-2021-44228-log4j-vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 | | MathWorks | MATLAB | | | Not Affected | [link](https://www.mathworks.com/content/dam/mathworks/policies/mathworks-response-to-cve-2021-44228-log4j-vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
@ -2319,6 +2319,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Shibboleth | All Products | | | Not Affected | [link](https://shibboleth.net/pipermail/announce/2021-December/000253.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 | | Shibboleth | All Products | | | Not Affected | [link](https://shibboleth.net/pipermail/announce/2021-December/000253.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| Shopify | | | | Unknown | [link](https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Shopify | | | | Unknown | [link](https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Siebel | | | | Unknown | [link](https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Siebel | | | | Unknown | [link](https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | | Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | | Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | | Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
@ -2356,8 +2358,6 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Siemens Healthineers | syngo.via WebViewer VA13B / VA20A / VA20B | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | | Siemens Healthineers | syngo.via WebViewer VA13B / VA20A / VA20B | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | X.Ceed Somaris 10 VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | | Siemens Healthineers | X.Ceed Somaris 10 VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | X.Cite Somaris 10 VA30*/VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | | Siemens Healthineers | X.Cite Somaris 10 VA30*/VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Sierra Wireless | | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Sierra Wireless | | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Sierra Wireless | AirVantage and Octave cloud platforms | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | These systems do not operate with the specific non-standard configuration required for CVE-2021-25046 and hence were not vulnerable to it. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | | Sierra Wireless | AirVantage and Octave cloud platforms | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | These systems do not operate with the specific non-standard configuration required for CVE-2021-25046 and hence were not vulnerable to it. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Sierra Wireless | AM/AMM servers | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | | Sierra Wireless | AM/AMM servers | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
@ -2458,8 +2458,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Splunk | Splunk UBA OVA Software | 5.0.3a, 5.0.0 | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 | | Splunk | Splunk UBA OVA Software | 5.0.3a, 5.0.0 | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) | 1.1.1 and older | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 | | Splunk | Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) | 1.1.1 and older | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Sprecher Automation | | | | Unknown | [link](https://www.sprecher-automation.com/en/it-security/security-alerts) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Sprecher Automation | | | | Unknown | [link](https://www.sprecher-automation.com/en/it-security/security-alerts) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Spring Boot | | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Spring | Spring Boot | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Spring | Spring Boot | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Spring Boot | | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| StarDog | | | | Unknown | [link](https://community.stardog.com/t/stardog-7-8-1-available/3411) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | StarDog | | | | Unknown | [link](https://community.stardog.com/t/stardog-7-8-1-available/3411) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| STERIS | Advantage | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | | STERIS | Advantage | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | Advantage Plus | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | | STERIS | Advantage Plus | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |

View file

@ -6307,35 +6307,6 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:50+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: BeyondTrust Bomgar
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: BeyondTrust - vendor: BeyondTrust
product: Privilege Management Cloud product: Privilege Management Cloud
cves: cves:
@ -6426,6 +6397,35 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: BeyondTrust Bomgar
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: BioMerieux - vendor: BioMerieux
product: '' product: ''
cves: cves:
@ -27524,34 +27524,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
- vendor: ElasticSearch
product: all products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: Elastic - vendor: Elastic
product: Swiftype product: Swiftype
cves: cves:
@ -27581,6 +27553,34 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
- vendor: ElasticSearch
product: all products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: Ellucian - vendor: Ellucian
product: Admin product: Admin
cves: cves:
@ -34284,6 +34284,36 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:52+00:00' last_updated: '2022-01-12T07:18:52+00:00'
- vendor: Google
product: Chrome
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html
notes: Chrome Browser releases, infrastructure and admin console are not using
versions of Log4j affected by the vulnerability.
references:
- ''
last_updated: '2022-01-14'
- vendor: Google Cloud - vendor: Google Cloud
product: Access Transparency product: Access Transparency
cves: cves:
@ -38229,36 +38259,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Google
product: Chrome
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html
notes: Chrome Browser releases, infrastructure and admin console are not using
versions of Log4j affected by the vulnerability.
references:
- ''
last_updated: '2022-01-14'
- vendor: Gradle - vendor: Gradle
product: Gradle product: Gradle
cves: cves:
@ -38436,35 +38436,6 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:53+00:00' last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Gravitee.io
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Gravitee - vendor: Gravitee
product: Access Management product: Access Management
cves: cves:
@ -38675,6 +38646,35 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:53+00:00' last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Gravitee.io
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Gravwell - vendor: Gravwell
product: '' product: ''
cves: cves:
@ -40824,8 +40824,8 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:53+00:00' last_updated: '2022-01-12T07:18:53+00:00'
- vendor: HPE/Micro Focus - vendor: HP
product: Data Protector product: Teradici Cloud Access Controller
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -40836,7 +40836,7 @@ software:
investigated: true investigated: true
affected_versions: [] affected_versions: []
fixed_versions: fixed_versions:
- '9.09' - < v113
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -40849,10 +40849,130 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://portal.microfocus.com/s/article/KM000003243 - https://support.hp.com/us-en/document/ish_5268006-5268030-16
notes: '' notes: ''
references: references:
- '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)' - ''
last_updated: '2021-12-17T00:00:00'
- vendor: HP
product: Teradici EMSDK
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- < 1.0.6
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: HP
product: Teradici Management Console
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- < 21.10.3
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: HP
product: Teradici PCoIP Connection Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- < 21.03.6
- < 20.07.4
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: HP
product: Teradici PCoIP License Server
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: HPE - vendor: HPE
product: 3PAR StoreServ Arrays product: 3PAR StoreServ Arrays
@ -44597,8 +44717,8 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: HP - vendor: HPE/Micro Focus
product: Teradici Cloud Access Controller product: Data Protector
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -44609,7 +44729,7 @@ software:
investigated: true investigated: true
affected_versions: [] affected_versions: []
fixed_versions: fixed_versions:
- < v113 - '9.09'
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -44622,130 +44742,10 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://support.hp.com/us-en/document/ish_5268006-5268030-16 - https://portal.microfocus.com/s/article/KM000003243
notes: '' notes: ''
references: references:
- '' - '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)'
last_updated: '2021-12-17T00:00:00'
- vendor: HP
product: Teradici EMSDK
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- < 1.0.6
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: HP
product: Teradici Management Console
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- < 21.10.3
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: HP
product: Teradici PCoIP Connection Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- < 21.03.6
- < 20.07.4
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: HP
product: Teradici PCoIP License Server
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.hp.com/us-en/document/ish_5268006-5268030-16
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: Huawei - vendor: Huawei
product: '' product: ''
@ -59063,6 +59063,65 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:54+00:00'
- vendor: ManageEngine
product: AD SelfService Plus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- Build 6.1 build 6114
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
notes: ''
references:
- ''
last_updated: '2021-12-27T00:00:00'
- vendor: ManageEngine
product: Servicedesk Plus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 11305 and below
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.manageengine.com/products/service-desk/security-response-plan.html
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: ManageEngine Zoho - vendor: ManageEngine Zoho
product: '' product: ''
cves: cves:
@ -59440,65 +59499,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine
product: AD SelfService Plus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- Build 6.1 build 6114
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
notes: ''
references:
- ''
last_updated: '2021-12-27T00:00:00'
- vendor: ManageEngine
product: Servicedesk Plus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 11305 and below
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.manageengine.com/products/service-desk/security-response-plan.html
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: MariaDB - vendor: MariaDB
product: '' product: ''
cves: cves:
@ -67919,6 +67919,66 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:55+00:00' last_updated: '2022-01-12T07:18:55+00:00'
- vendor: Siemens
product: Affected Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
notes: 'Siemens requests: See pdf for the complete list of affected products,
CSAF for automated parsing of data'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens
product: Affected Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf
notes: 'Siemens requests: See pdf for the complete list of affected products,
CSAF for automated parsing of data'
references:
- ''
last_updated: '2021-12-19T00:00:00'
- vendor: Siemens Energy - vendor: Siemens Energy
product: Affected Products product: Affected Products
cves: cves:
@ -69037,66 +69097,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Siemens
product: Affected Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
notes: 'Siemens requests: See pdf for the complete list of affected products,
CSAF for automated parsing of data'
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Siemens
product: Affected Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf
notes: 'Siemens requests: See pdf for the complete list of affected products,
CSAF for automated parsing of data'
references:
- ''
last_updated: '2021-12-19T00:00:00'
- vendor: Sierra Wireless - vendor: Sierra Wireless
product: '' product: ''
cves: cves:
@ -72077,35 +72077,6 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:55+00:00' last_updated: '2022-01-12T07:18:55+00:00'
- vendor: Spring Boot
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:55+00:00'
- vendor: Spring - vendor: Spring
product: Spring Boot product: Spring Boot
cves: cves:
@ -72136,6 +72107,35 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:55+00:00' last_updated: '2022-01-12T07:18:55+00:00'
- vendor: Spring Boot
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:55+00:00'
- vendor: StarDog - vendor: StarDog
product: '' product: ''
cves: cves:

File diff suppressed because it is too large Load diff

View file

@ -33,35 +33,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
- vendor: Baxter
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BackBox - vendor: BackBox
product: '' product: ''
cves: cves:
@ -207,8 +178,8 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:50+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: BBraun - vendor: Baxter
product: Outlook® Safety Infusion System Pump family product: ''
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -231,43 +202,13 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf - https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: BBraun - vendor: BBraun
product: Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor® product: APEX® Compounder
Space® Infusion
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BBraun
product: Pump, SpaceStation, and Space® Wireless Battery)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -324,6 +265,35 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: BBraun
product: Outlook® Safety Infusion System Pump family
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BBraun - vendor: BBraun
product: Pinnacle® Compounder product: Pinnacle® Compounder
cves: cves:
@ -354,7 +324,37 @@ software:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: BBraun - vendor: BBraun
product: APEX® Compounder product: Pump, SpaceStation, and Space® Wireless Battery)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BBraun
product: Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor®
Space® Infusion
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -614,6 +614,35 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: BD
product: BD Knowledge Portal for BD Pyxis™ Supply
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BD - vendor: BD
product: BD Knowledge Portal for Infusion Technologies product: BD Knowledge Portal for Infusion Technologies
cves: cves:
@ -672,35 +701,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: BD
product: BD Knowledge Portal for BD Pyxis™ Supply
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BD - vendor: BD
product: BD Synapsys™ Informatics Solution product: BD Synapsys™ Informatics Solution
cves: cves:
@ -1049,35 +1049,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: BioMerieux
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.biomerieux.com/en/cybersecurity-data-privacy
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Bender - vendor: Bender
product: '' product: ''
cves: cves:
@ -1256,6 +1227,35 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:50+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: BioMerieux
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.biomerieux.com/en/cybersecurity-data-privacy
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: BisectHosting - vendor: BisectHosting
product: '' product: ''
cves: cves:
@ -2590,35 +2590,6 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:50+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Boston Scientific
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Bosch - vendor: Bosch
product: '' product: ''
cves: cves:
@ -2648,6 +2619,35 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Boston Scientific
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Box - vendor: Box
product: '' product: ''
cves: cves:

View file

@ -120,6 +120,35 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Canon
product: Alphenix (Angio Workstation)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Canon - vendor: Canon
product: CT Medical Imaging Products product: CT Medical Imaging Products
cves: cves:
@ -149,151 +178,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Canon
product: MR Medical Imaging Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Canon
product: UL Medical Imaging Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Canon
product: XR Medical Imaging Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Canon
product: NM Medical Imaging Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Canon
product: Vitrea Advanced 7.x
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Canon - vendor: Canon
product: Infinix-i (Angio Workstation) product: Infinix-i (Angio Workstation)
cves: cves:
@ -324,7 +208,123 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Canon - vendor: Canon
product: Alphenix (Angio Workstation) product: MR Medical Imaging Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Canon
product: NM Medical Imaging Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Canon
product: UL Medical Imaging Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Canon
product: Vitrea Advanced 7.x
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Canon
product: XR Medical Imaging Products
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -996,93 +996,6 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:51+00:00' last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Common Services Platform Collector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Network Services Orchestrator (NSO)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco System Architecture Evolution Gateway (SAEGW)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco - vendor: Cisco
product: Cisco ACI Multi-Site Orchestrator product: Cisco ACI Multi-Site Orchestrator
cves: cves:
@ -1489,6 +1402,35 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:51+00:00' last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Common Services Platform Collector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco - vendor: Cisco
product: Cisco Computer Telephony Integration Object Server (CTIOS) product: Cisco Computer Telephony Integration Object Server (CTIOS)
cves: cves:
@ -1866,34 +1808,6 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:51+00:00' last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: DUO network gateway (on-prem/self-hosted)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco - vendor: Cisco
product: Cisco Elastic Services Controller (ESC) product: Cisco Elastic Services Controller (ESC)
cves: cves:
@ -2736,6 +2650,35 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:51+00:00' last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco Network Services Orchestrator (NSO)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco - vendor: Cisco
product: Cisco Nexus 5500 Platform Switches product: Cisco Nexus 5500 Platform Switches
cves: cves:
@ -3028,7 +2971,7 @@ software:
- '' - ''
last_updated: '2022-01-12T07:18:51+00:00' last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco - vendor: Cisco
product: Cisco Paging Server (InformaCast) product: Cisco Paging Server
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -3057,7 +3000,7 @@ software:
- '' - ''
last_updated: '2022-01-12T07:18:51+00:00' last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco - vendor: Cisco
product: Cisco Paging Server product: Cisco Paging Server (InformaCast)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -3665,6 +3608,35 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:51+00:00' last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: Cisco System Architecture Evolution Gateway (SAEGW)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco - vendor: Cisco
product: Cisco TelePresence Management Suite product: Cisco TelePresence Management Suite
cves: cves:
@ -3956,7 +3928,7 @@ software:
- '' - ''
last_updated: '2022-01-12T07:18:51+00:00' last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco - vendor: Cisco
product: Cisco Unified Contact Center Enterprise - Live Data server product: Cisco Unified Contact Center Enterprise
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -3985,7 +3957,7 @@ software:
- '' - ''
last_updated: '2022-01-12T07:18:51+00:00' last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco - vendor: Cisco
product: Cisco Unified Contact Center Enterprise product: Cisco Unified Contact Center Enterprise - Live Data server
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -4419,6 +4391,34 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:51+00:00' last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco
product: DUO network gateway (on-prem/self-hosted)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cisco - vendor: Cisco
product: duo network gateway (on-prem/self-hosted) product: duo network gateway (on-prem/self-hosted)
cves: cves:
@ -4810,39 +4810,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Citrix
product: ShareFile Storage Zones Controller
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.citrix.com/article/CTX335705
notes: Citrix continues to investigate any potential impact on Citrix-managed
cloud services. If, as the investigation continues, any Citrix-managed services
are found to be affected by this issue, Citrix will take immediate action to
remediate the problem. Customers using Citrix-managed cloud services do not
need to take any action.
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Citrix - vendor: Citrix
product: Citrix Virtual Apps and Desktops (XenApp & XenDesktop) product: Citrix Virtual Apps and Desktops (XenApp & XenDesktop)
cves: cves:
@ -4913,6 +4880,39 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Citrix
product: ShareFile Storage Zones Controller
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.citrix.com/article/CTX335705
notes: Citrix continues to investigate any potential impact on Citrix-managed
cloud services. If, as the investigation continues, any Citrix-managed services
are found to be affected by this issue, Citrix will take immediate action to
remediate the problem. Customers using Citrix-managed cloud services do not
need to take any action.
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Claris - vendor: Claris
product: '' product: ''
cves: cves:
@ -6163,7 +6163,7 @@ software:
- '' - ''
last_updated: '2022-01-12T07:18:51+00:00' last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cloudera - vendor: Cloudera
product: Workload XM (SaaS) product: Workload XM
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -6171,8 +6171,9 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions:
- All versions
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -6192,7 +6193,7 @@ software:
- '' - ''
last_updated: '2022-01-12T07:18:51+00:00' last_updated: '2022-01-12T07:18:51+00:00'
- vendor: Cloudera - vendor: Cloudera
product: Workload XM product: Workload XM (SaaS)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -6200,9 +6201,8 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: false
affected_versions: affected_versions: []
- All versions
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -6663,7 +6663,7 @@ software:
- '' - ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: Confluent - vendor: Confluent
product: Confluent Platform product: Confluent ElasticSearch Sink Connector
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -6673,7 +6673,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- <7.0.1 - <11.1.7
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -6722,66 +6722,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: Confluent
product: Confluent Kafka Connectors
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- N/A
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Confluent
product: Confluent ElasticSearch Sink Connector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- <11.1.7
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Confluent - vendor: Confluent
product: Confluent Google DataProc Sink Connector product: Confluent Google DataProc Sink Connector
cves: cves:
@ -6812,36 +6752,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: Confluent
product: Confluent Splunk Sink Connector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- <2.05
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Confluent - vendor: Confluent
product: Confluent HDFS 2 Sink Connector product: Confluent HDFS 2 Sink Connector
cves: cves:
@ -6902,6 +6812,96 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: Confluent
product: Confluent Kafka Connectors
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- N/A
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Confluent
product: Confluent Platform
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- <7.0.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Confluent
product: Confluent Splunk Sink Connector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- <2.05
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Confluent - vendor: Confluent
product: Confluent VMWare Tanzu GemFire Sink Connector product: Confluent VMWare Tanzu GemFire Sink Connector
cves: cves:

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

View file

@ -242,128 +242,6 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:52+00:00' last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: Traffix SDC
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 5.x (5.2.0 CF1
- 5.1.0 CF-30 - 5.1.0 CF-33)
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: 'Vulnerable components: EMS-ELK components (Fluentd + Elastic Search +
Kibana), Element Management System'
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Plus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- R19 - R25
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Open Source
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Unit
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5 - vendor: F5
product: NGINX App Protect product: NGINX App Protect
cves: cves:
@ -484,6 +362,66 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:52+00:00' last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Open Source
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Plus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- R19 - R25
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5 - vendor: F5
product: NGINX Service Mesh product: NGINX Service Mesh
cves: cves:
@ -514,6 +452,68 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:52+00:00' last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Unit
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: Traffix SDC
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 5.x (5.2.0 CF1
- 5.1.0 CF-30 - 5.1.0 CF-33)
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: 'Vulnerable components: EMS-ELK components (Fluentd + Elastic Search +
Kibana), Element Management System'
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: FAST LTA - vendor: FAST LTA
product: '' product: ''
cves: cves:

View file

@ -64,6 +64,35 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: GE Gas Power
product: Asset Performance Management (APM)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf
notes: GE verifying workaround.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: GE Gas Power - vendor: GE Gas Power
product: Baseline Security Center (BSC) product: Baseline Security Center (BSC)
cves: cves:
@ -124,35 +153,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: GE Gas Power
product: Asset Performance Management (APM)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf
notes: GE verifying workaround.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: GE Gas Power - vendor: GE Gas Power
product: Control Server product: Control Server
cves: cves:
@ -536,7 +536,7 @@ software:
- '' - ''
last_updated: '2022-01-12T07:18:52+00:00' last_updated: '2022-01-12T07:18:52+00:00'
- vendor: GoAnywhere - vendor: GoAnywhere
product: MFT product: Gateway
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -546,7 +546,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- < 6.8.6 - < 2.8.4
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -566,7 +566,7 @@ software:
- '' - ''
last_updated: '2021-12-18T00:00:00' last_updated: '2021-12-18T00:00:00'
- vendor: GoAnywhere - vendor: GoAnywhere
product: Gateway product: MFT
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -576,7 +576,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- < 2.8.4 - < 6.8.6
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -679,10 +679,73 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html - https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html
notes: Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. notes: Chrome Browser releases, infrastructure and admin console are not using
versions of Log4j affected by the vulnerability.
references: references:
- '' - ''
last_updated: '2022-01-14' last_updated: '2022-01-14'
- vendor: Google Cloud
product: Access Transparency
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Actifio
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and
has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com)
for the full statement and to obtain the hotfix (available to Actifio customers
only).
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud - vendor: Google Cloud
product: AI Platform Data Labeling product: AI Platform Data Labeling
cves: cves:
@ -773,68 +836,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Access Transparency
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Actifio
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and
has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com)
for the full statement and to obtain the hotfix (available to Actifio customers
only).
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud - vendor: Google Cloud
product: Anthos product: Anthos
cves: cves:
@ -988,6 +989,40 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Anthos on VMWare
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check
VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds
to their VMware products as they become available. We also recommend customers
review their respective applications and workloads affected by the same vulnerabilities
and apply appropriate patches.
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud - vendor: Google Cloud
product: Anthos Premium Software product: Anthos Premium Software
cves: cves:
@ -1048,40 +1083,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Anthos on VMWare
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check
VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds
to their VMware products as they become available. We also recommend customers
review their respective applications and workloads affected by the same vulnerabilities
and apply appropriate patches.
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud - vendor: Google Cloud
product: Apigee product: Apigee
cves: cves:
@ -1792,36 +1793,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud DNS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Google Cloud - vendor: Google Cloud
product: Cloud Data Loss Prevention product: Cloud Data Loss Prevention
cves: cves:
@ -1912,6 +1883,36 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud DNS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Google Cloud - vendor: Google Cloud
product: Cloud Endpoints product: Cloud Endpoints
cves: cves:
@ -2036,7 +2037,7 @@ software:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud - vendor: Google Cloud
product: Cloud Intrusion Detection System (IDS) product: Cloud Interconnect
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -2066,7 +2067,7 @@ software:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud - vendor: Google Cloud
product: Cloud Interconnect product: Cloud Intrusion Detection System (IDS)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -2185,36 +2186,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Network Address Translation (NAT)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Google Cloud - vendor: Google Cloud
product: Cloud Natural Language API product: Cloud Natural Language API
cves: cves:
@ -2245,6 +2216,36 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Network Address Translation (NAT)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Google Cloud - vendor: Google Cloud
product: Cloud Profiler product: Cloud Profiler
cves: cves:
@ -2372,7 +2373,7 @@ software:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud - vendor: Google Cloud
product: Cloud SDK product: Cloud Scheduler
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -2402,37 +2403,7 @@ software:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud - vendor: Google Cloud
product: Cloud SQL product: Cloud SDK
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-19T00:00:00'
- vendor: Google Cloud
product: Cloud Scheduler
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -2554,6 +2525,36 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-19T00:00:00' last_updated: '2021-12-19T00:00:00'
- vendor: Google Cloud
product: Cloud SQL
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-19T00:00:00'
- vendor: Google Cloud - vendor: Google Cloud
product: Cloud Storage product: Cloud Storage
cves: cves:
@ -2704,36 +2705,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud VPN
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Google Cloud - vendor: Google Cloud
product: Cloud Vision product: Cloud Vision
cves: cves:
@ -2794,6 +2765,36 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud VPN
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Google Cloud - vendor: Google Cloud
product: CompilerWorks product: CompilerWorks
cves: cves:
@ -4865,66 +4866,6 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:53+00:00' last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Gravitee
product: API Management
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.10.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Gravitee
product: API Management
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.5.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Gravitee - vendor: Gravitee
product: Alert Engine product: Alert Engine
cves: cves:
@ -4985,6 +4926,66 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:53+00:00' last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Gravitee
product: API Management
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.10.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Gravitee
product: API Management
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.5.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Gravitee - vendor: Gravitee
product: Cockpit product: Cockpit
cves: cves:

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

View file

@ -613,35 +613,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-ADVANCE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: BOND Controller product: BOND Controller
cves: cves:
@ -671,64 +642,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-III
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-MAX
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: BOND RX product: BOND RX
cves: cves:
@ -787,6 +700,93 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-ADVANCE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-III
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-MAX
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: CEREBRO product: CEREBRO
cves: cves:

View file

@ -62,6 +62,35 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:54+00:00'
- vendor: ManageEngine
product: AD SelfService Plus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- Build 6.1 build 6114
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
notes: ''
references:
- ''
last_updated: '2021-12-27T00:00:00'
- vendor: ManageEngine - vendor: ManageEngine
product: Servicedesk Plus product: Servicedesk Plus
cves: cves:
@ -73,7 +102,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- '11305 and below' - 11305 and below
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -92,35 +121,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
- vendor: ManageEngine
product: AD SelfService Plus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'Build 6.1 build 6114'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
notes: ''
references:
- ''
last_updated: '2021-12-27T00:00:00'
- vendor: ManageEngine Zoho - vendor: ManageEngine Zoho
product: '' product: ''
cves: cves:
@ -150,6 +150,35 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:54+00:00'
- vendor: ManageEngine Zoho
product: ADAudit Plus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1
notes: ''
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho - vendor: ManageEngine Zoho
product: ADManager Plus product: ADManager Plus
cves: cves:
@ -180,7 +209,36 @@ software:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho - vendor: ManageEngine Zoho
product: ADAudit Plus product: Analytics Plus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1
notes: ''
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho
product: Cloud Security Plus
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -266,64 +324,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho
product: M365 Manager Plus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1
notes: ''
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho
product: RecoveryManager Plus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1
notes: ''
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho - vendor: ManageEngine Zoho
product: Exchange Reporter Plus product: Exchange Reporter Plus
cves: cves:
@ -412,7 +412,7 @@ software:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho - vendor: ManageEngine Zoho
product: Cloud Security Plus product: M365 Manager Plus
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -470,7 +470,7 @@ software:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho - vendor: ManageEngine Zoho
product: Analytics Plus product: RecoveryManager Plus
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -569,7 +569,7 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: unaffected_versions:
- 'All' - All
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -598,7 +598,7 @@ software:
investigated: true investigated: true
affected_versions: [] affected_versions: []
fixed_versions: fixed_versions:
- '1.59.10+' - 1.59.10+
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -927,7 +927,7 @@ software:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: McAfee - vendor: McAfee
product: ePolicy Orchestrator Application Server (ePO) product: Enterprise Security Manager (ESM)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -938,7 +938,7 @@ software:
investigated: true investigated: true
affected_versions: [] affected_versions: []
fixed_versions: fixed_versions:
- '5.10 CU11' - 11.5.3
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -984,6 +984,36 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: ePolicy Orchestrator Application Server (ePO)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 5.10 CU11
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://kc.mcafee.com/agent/index?page=content&id=SB10377
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee - vendor: McAfee
product: Host Intrusion Prevention (Host IPS) product: Host Intrusion Prevention (Host IPS)
cves: cves:
@ -1264,34 +1294,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Security for Microsoft SharePoint (MSMS)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee - vendor: McAfee
product: McAfee Security for Microsoft Exchange (MSME) product: McAfee Security for Microsoft Exchange (MSME)
cves: cves:
@ -1321,7 +1323,7 @@ software:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: McAfee - vendor: McAfee
product: Enterprise Security Manager (ESM) product: McAfee Security for Microsoft SharePoint (MSMS)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1329,10 +1331,9 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: false
affected_versions: [] affected_versions: []
fixed_versions: fixed_versions: []
- '11.5.3'
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -1344,8 +1345,7 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links: []
- https://kc.mcafee.com/agent/index?page=content&id=SB10377
notes: '' notes: ''
references: references:
- '' - ''
@ -1637,8 +1637,8 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Microsoft - vendor: Micro Focus
product: Azure Application Gateway product: Data Protector
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1646,9 +1646,19 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions:
- '10.20'
- '10.30'
- '10.40'
- '10.50'
- '10.60'
- '10.70'
- '10.80'
- '10.90'
- '10.91'
- '11.00'
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -1661,11 +1671,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ - https://portal.microfocus.com/s/article/KM000003052
notes: '' notes: ''
references: references:
- '' - '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)'
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2021-12-13T00:00:00'
- vendor: Microsoft - vendor: Microsoft
product: Azure API Gateway product: Azure API Gateway
cves: cves:
@ -1695,6 +1705,35 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Microsoft
product: Azure Application Gateway
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Microsoft - vendor: Microsoft
product: Azure Data lake store java product: Azure Data lake store java
cves: cves:
@ -1706,7 +1745,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- '< 2.3.10' - < 2.3.10
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -1736,7 +1775,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- '< 2.3.10' - < 2.3.10
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -1756,7 +1795,7 @@ software:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Microsoft - vendor: Microsoft
product: Azure DevOps Server product: Azure DevOps
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1764,9 +1803,8 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: false
affected_versions: affected_versions: []
- '2019.0 - 2020.1'
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -1786,7 +1824,7 @@ software:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Microsoft - vendor: Microsoft
product: Azure DevOps product: Azure DevOps Server
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1794,8 +1832,9 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions:
- 2019.0 - 2020.1
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -1854,7 +1893,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- '2018.2+' - 2018.2+
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -1902,45 +1941,6 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Micro Focus
product: Data Protector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '10.20'
- '10.30'
- '10.40'
- '10.50'
- '10.60'
- '10.70'
- '10.80'
- '10.90'
- '10.91'
- '11.00'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://portal.microfocus.com/s/article/KM000003052
notes: ''
references:
- '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)'
last_updated: '2021-12-13T00:00:00'
- vendor: Midori Global - vendor: Midori Global
product: '' product: ''
cves: cves:
@ -2538,7 +2538,7 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: unaffected_versions:
- 'All' - All
cve-2021-45046: cve-2021-45046:
investigated: '' investigated: ''
affected_versions: [] affected_versions: []
@ -2551,7 +2551,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://www.moxa.com/en/support/product-support/security-advisory/moxa-s-response-regarding-the-apache-log4j-vulnerability - https://www.moxa.com/en/support/product-support/security-advisory/moxa-s-response-regarding-the-apache-log4j-vulnerability
notes: Moxa is investigating to determine if any of our products are affected by this vulnerability. At the time of publication, none of Moxa's products are affected. notes: Moxa is investigating to determine if any of our products are affected
by this vulnerability. At the time of publication, none of Moxa's products are
affected.
references: references:
- '' - ''
last_updated: '2022-01-19T00:00:00' last_updated: '2022-01-19T00:00:00'
@ -2586,7 +2588,7 @@ software:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Mulesoft - vendor: Mulesoft
product: Mule Runtime product: Anypoint Studio
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -2596,39 +2598,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- '3.x' - 7.x
- '4.x'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021
notes: This advisory is available to account holders only and has not been reviewed
by CISA.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Mulesoft
product: Mule Agent
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '6.x'
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -2679,7 +2649,7 @@ software:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
- vendor: Mulesoft - vendor: Mulesoft
product: Anypoint Studio product: Mule Agent
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -2689,7 +2659,39 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- '7.x' - 6.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021
notes: This advisory is available to account holders only and has not been reviewed
by CISA.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Mulesoft
product: Mule Runtime
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 3.x
- 4.x
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:

View file

@ -102,9 +102,9 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- 'Vertica' - Vertica
- 'Cloudera' - Cloudera
- 'Logstash' - Logstash
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -136,7 +136,7 @@ software:
investigated: true investigated: true
affected_versions: affected_versions:
- '>4.2' - '>4.2'
- '<4..2.12' - <4..2.12
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -282,7 +282,7 @@ software:
investigated: true investigated: true
affected_versions: [] affected_versions: []
fixed_versions: fixed_versions:
- '3.0.57' - 3.0.57
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -312,7 +312,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- '<7.4.3' - <7.4.3
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -374,7 +374,7 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: unaffected_versions:
- '21.04.0.5552' - 21.04.0.5552
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -1342,35 +1342,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix
product: Leap
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
notes: Saas-Based Procuct. See Advisory.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix - vendor: Nutanix
product: LCM product: LCM
cves: cves:
@ -1401,6 +1372,35 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix
product: Leap
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
notes: Saas-Based Procuct. See Advisory.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix - vendor: Nutanix
product: Mine product: Mine
cves: cves:

View file

@ -294,6 +294,36 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: Okta
product: Okta On-Prem MFA Agent
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 1.4.6
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Okta - vendor: Okta
product: Okta RADIUS Server Agent product: Okta RADIUS Server Agent
cves: cves:
@ -382,36 +412,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: Okta
product: Okta On-Prem MFA Agent
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 1.4.6
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Onespan - vendor: Onespan
product: '' product: ''
cves: cves:
@ -586,37 +586,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-23T00:00:00' last_updated: '2021-12-23T00:00:00'
- vendor: Opto 22
product: GRV-EPIC-PR1, GRV-EPIC-PR2
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 3.3.2
fixed_versions:
- 3.3.2
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit
notes: The Log4j vulnerability affects all products running groov View software
references:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Opto 22 - vendor: Opto 22
product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP
cves: cves:
@ -710,6 +679,37 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-13T00:00:00' last_updated: '2022-01-13T00:00:00'
- vendor: Opto 22
product: GRV-EPIC-PR1, GRV-EPIC-PR2
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 3.3.2
fixed_versions:
- 3.3.2
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit
notes: The Log4j vulnerability affects all products running groov View software
references:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Oracle - vendor: Oracle
product: '' product: ''
cves: cves:
@ -741,7 +741,7 @@ software:
- '' - ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: Oracle - vendor: Oracle
product: Exadata product: Enterprise Manager
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -751,7 +751,8 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- <21.3.4 - '13.5'
- 13.4 & 13.3.2
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -773,7 +774,7 @@ software:
- '' - ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: Oracle - vendor: Oracle
product: Enterprise Manager product: Exadata
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -783,8 +784,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- '13.5' - <21.3.4
- 13.4 & 13.3.2
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:

View file

@ -62,36 +62,6 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:55+00:00' last_updated: '2022-01-12T07:18:55+00:00'
- vendor: QMATIC
product: Orchestra Central
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 6.0+
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: QMATIC - vendor: QMATIC
product: Appointment Booking product: Appointment Booking
cves: cves:
@ -122,6 +92,36 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: QMATIC
product: Appointment Booking
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Cloud/Managed Service
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
notes: log4j 2.16 applied 2021-12-15
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: QMATIC - vendor: QMATIC
product: Insights product: Insights
cves: cves:
@ -153,7 +153,7 @@ software:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: QMATIC - vendor: QMATIC
product: Appointment Booking product: Orchestra Central
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -162,10 +162,10 @@ software:
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions: []
- Cloud/Managed Service
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- 6.0+
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -178,7 +178,7 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
notes: log4j 2.16 applied 2021-12-15 notes: ''
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

View file

@ -94,6 +94,36 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:56+00:00'
- vendor: UiPath
product: InSights
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '20.10'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.uipath.com/legal/trust-and-security/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Umbraco - vendor: Umbraco
product: '' product: ''
cves: cves:
@ -210,36 +240,6 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:56+00:00'
- vendor: UiPath
product: InSights
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '20.10'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.uipath.com/legal/trust-and-security/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: USSIGNAL MSP - vendor: USSIGNAL MSP
product: '' product: ''
cves: cves:

View file

@ -4,35 +4,6 @@ owners:
- name: cisagov - name: cisagov
url: https://github.com/cisagov/log4j-affected-db url: https://github.com/cisagov/log4j-affected-db
software: software:
- vendor: VArmour
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Varian - vendor: Varian
product: Acuity product: Acuity
cves: cves:
@ -63,36 +34,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: DITC
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: ARIA Connect (Cloverleaf) product: ARIA Connect (Cloverleaf)
cves: cves:
@ -123,96 +64,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA oncology information system for Medical Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: XMediusFax for ARIA oncology information system for Medical Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA oncology information system for Radiation Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: ARIA eDOC product: ARIA eDOC
cves: cves:
@ -244,7 +95,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: XMediusFax for ARIA oncology information system for Radiation Oncology product: ARIA oncology information system for Medical Oncology
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -252,11 +103,41 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: affected_versions: []
fixed_versions: []
unaffected_versions:
- All - All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA oncology information system for Radiation Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -393,6 +274,36 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: DITC
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: DoseLab product: DoseLab
cves: cves:
@ -573,6 +484,36 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ICAP
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: Identify product: Identify
cves: cves:
@ -694,7 +635,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: ICAP product: Mobius3D platform
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -724,7 +665,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: Mobius3D platform product: PaaS
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -933,36 +874,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: PaaS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: TrueBeam radiotherapy system product: TrueBeam radiotherapy system
cves: cves:
@ -1234,6 +1145,95 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: XMediusFax for ARIA oncology information system for Medical Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: XMediusFax for ARIA oncology information system for Radiation Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: VArmour
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Varnish Software - vendor: Varnish Software
product: '' product: ''
cves: cves:
@ -1421,7 +1421,7 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: unaffected_versions:
- 'All' - All
cve-2021-45046: cve-2021-45046:
investigated: '' investigated: ''
affected_versions: [] affected_versions: []
@ -1678,6 +1678,71 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: VMware
product: vCenter Server - OVA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.x
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: vCenter Server - Windows
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware - vendor: VMware
product: VMware Carbon Black Cloud Workload Appliance product: VMware Carbon Black Cloud Workload Appliance
cves: cves:
@ -2291,71 +2356,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: VMware
product: vCenter Server - OVA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.x
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: vCenter Server - Windows
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware - vendor: VMware
product: VMware vRealize Automation product: VMware vRealize Automation
cves: cves:
@ -2614,7 +2614,7 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: unaffected_versions:
- 'All' - All
cve-2021-45046: cve-2021-45046:
investigated: '' investigated: ''
affected_versions: [] affected_versions: []

View file

@ -150,36 +150,6 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:56+00:00'
- vendor: WIBU Systems
product: CodeMeter Keyring for TIA Portal
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 1.30 and prior
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf
notes: Only the Password Manager is affected
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: WIBU Systems - vendor: WIBU Systems
product: CodeMeter Cloud Lite product: CodeMeter Cloud Lite
cves: cves:
@ -210,6 +180,36 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: WIBU Systems
product: CodeMeter Keyring for TIA Portal
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 1.30 and prior
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf
notes: Only the Password Manager is affected
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: WindRiver - vendor: WindRiver
product: '' product: ''
cves: cves:

View file

@ -236,6 +236,35 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Configuration change complete
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem - vendor: Xylem
product: Sensus Analytics product: Sensus Analytics
cves: cves:
@ -411,7 +440,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Xylem - vendor: Xylem
product: Sensus RNI Saas product: Sensus RNI On Prem
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -443,7 +472,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Xylem - vendor: Xylem
product: Sensus RNI On Prem product: Sensus RNI Saas
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -561,35 +590,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Configuration change complete
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem - vendor: Xylem
product: Xylem Cloud product: Xylem Cloud
cves: cves: