Update the software list

2 years ago · 1ac6221a21
parent 1accb4541f
commit 1ac6221a21
23 changed files with 3349 additions and 3339 deletions
--- a/SOFTWARE-LIST.md
+++ b/SOFTWARE-LIST.md
@ -231,10 +231,10 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | Beijer Electronics | WARP Engineering Studio |  |  | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
 | Bender |  |  |  | Unknown | [link](https://www.bender.de/en/cert) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) |  |  |  | Unknown | [link](https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | BeyondTrust Bomgar |  |  |  | Unknown | [link](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | BeyondTrust | Privilege Management Cloud |  | Unknown | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
 | BeyondTrust | Privilege Management Reporting in BeyondInsight |  | 21.2 | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
 | BeyondTrust | Secure Remote Access appliances |  |  | Not Affected | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
 | BeyondTrust Bomgar |  |  |  | Unknown | [link](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | BioMerieux |  |  |  | Unknown | [link](https://www.biomerieux.com/en/cybersecurity-data-privacy) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
 | BisectHosting |  |  |  | Unknown | [link](https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | BitDefender |  |  |  | Unknown | [link](https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@ -949,8 +949,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | Elastic | Kibana |  |  | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
 | Elastic | Logstash | &lt;6.8.21, &lt;7.16.1 |  | Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
 | Elastic | Machine Learning |  |  | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
 | ElasticSearch | all products |  |  | Unknown |  |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Elastic | Swiftype |  |  | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
 | ElasticSearch | all products |  |  | Unknown |  |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Ellucian | Admin |  |  | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
 | Ellucian | Banner Analytics |  |  | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
 | Ellucian | Banner Document Management (includes Banner Document Retention) |  |  | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
@ -1180,6 +1180,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | GoAnywhere | MFT | &lt; 6.8.6 |  | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
 | GoAnywhere | MFT Agents | &lt; 1.6.5 |  | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
 | GoCD |  |  |  | Unknown | [link](https://www.gocd.org/2021/12/14/log4j-vulnerability.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Google | Chrome |  |  | Not Affected | [link](https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html) | Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-14 |
 | Google Cloud | Access Transparency |  |  | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
 | Google Cloud | Actifio |  |  | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Actifio has identified limited exposure to the Log4j 2 vulnerability and has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com) for the full statement and to obtain the hotfix (available to Actifio customers only). |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
 | Google Cloud | AI Platform Data Labeling |  |  | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
@ -1309,14 +1310,12 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | Google Cloud | Virtual Private Cloud |  |  | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
 | Google Cloud | Web Security Scanner |  |  | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
 | Google Cloud | Workflows |  |  | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
 | Google | Chrome |  |  | Not Affected | [link](https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html) | Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-14 |
 | Gradle | Gradle |  |  | Unknown | [link](https://blog.gradle.org/log4j-vulnerability) | Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Gradle | Gradle Enterprise | &lt; 2021.3.6 |  | Affected | [link](https://security.gradle.com/advisory/2021-11) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Gradle | Gradle Enterprise Build Cache Node | &lt; 10.1 |  | Affected | [link](https://security.gradle.com/advisory/2021-11) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Gradle | Gradle Enterprise Test Distribution Agent | &lt; 1.6.2 |  | Affected | [link](https://security.gradle.com/advisory/2021-11) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Grafana |  |  |  | Unknown | [link](https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Grandstream |  |  |  | Unknown | [link](https://blog.grandstream.com/press-releases/grandstream-products-unaffected-by-log4j-vulnerability?hsLang=en) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Gravitee.io |  |  |  | Unknown | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Gravitee | Access Management |  |  | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Gravitee | Access Management |  |  | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Gravitee | Alert Engine |  |  | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@ -1324,6 +1323,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | Gravitee | API Management |  |  | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Gravitee | API Management |  |  | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Gravitee | Cockpit |  |  | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Gravitee.io |  |  |  | Unknown | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Gravwell |  |  |  | Unknown | [link](https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Graylog | Graylog Server | All versions &gt;= 1.2.0 and &lt;= 4.2.2 |  | Affected | [link](https://www.graylog.org/post/graylog-update-for-log4j) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | GreenShot |  |  |  | Unknown | [link](https://greenshot.atlassian.net/browse/BUG-2871) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@ -1396,7 +1396,11 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | HOLOGIC | Unifi Workspace |  |  | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
 | HOLOGIC | Windows Selenia Mammography System |  |  | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
 | Honeywell |  |  |  | Unknown | [link](https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
-| HPE/Micro Focus | Data Protector |  | 9.09 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003243) |  | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
+| HP | Teradici Cloud Access Controller |  | &lt; v113 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
 | HP | Teradici EMSDK |  | &lt; 1.0.6 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
 | HP | Teradici Management Console |  | &lt; 21.10.3 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
 | HP | Teradici PCoIP Connection Manager |  | &lt; 21.03.6, &lt; 20.07.4 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
 | HP | Teradici PCoIP License Server |  |  | Unknown | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
 | HPE | 3PAR StoreServ Arrays |  |  | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&amp;docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
 | HPE | AirWave Management Platform |  |  | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&amp;docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
 | HPE | Alletra 6000 |  |  | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&amp;docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
@ -1526,11 +1530,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | HPE | Superdome Flex 280 |  |  | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&amp;docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
 | HPE | Superdome Flex Server |  |  | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&amp;docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
 | HPE | UAN (User Access Node) |  |  | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&amp;docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
-| HP | Teradici Cloud Access Controller |  | &lt; v113 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
+| HPE/Micro Focus | Data Protector |  | 9.09 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003243) |  | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
 | HP | Teradici EMSDK |  | &lt; 1.0.6 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
 | HP | Teradici Management Console |  | &lt; 21.10.3 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
 | HP | Teradici PCoIP Connection Manager |  | &lt; 21.03.6, &lt; 20.07.4 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
 | HP | Teradici PCoIP License Server |  |  | Unknown | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
 | Huawei |  |  |  | Unknown | [link](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Hubspot |  |  |  | Unknown | [link](https://community.hubspot.com/t5/APIs-Integrations/Log4J-day-zero-exploit-CVE-2021-44228/td-p/541949) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | I-Net software |  |  |  | Unknown | [link](https://faq.inetsoftware.de/t/statement-about-cve-2021-44228-log4j-vulnerability-concerning-i-net-software-products/269/3) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@ -2019,6 +2019,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | Lyrasis | Fedora Repository |  |  | Not Affected | [link](https://groups.google.com/g/fedora-tech/c/dQMQ5jaX8Xo) | Fedora Repository is unaffiliated with Fedora Linux.  Uses logback and explicitly excludes log4j. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
 | MailStore |  |  |  | Unknown | [link](https://www.mailstore.com/en/blog/mailstore-affected-by-log4shell/) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Maltego |  |  |  | Unknown | [link](https://www.maltego.com/blog/our-response-to-log4j-cve-2021-44228/) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | ManageEngine | AD SelfService Plus |  |  | Not Affected |  |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 |
 | ManageEngine | Servicedesk Plus | 11305 and below |  | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
 | ManageEngine Zoho |  |  |  | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | ManageEngine Zoho | ADAudit Plus |  |  | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
 | ManageEngine Zoho | ADManager Plus |  |  | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
@ -2032,8 +2034,6 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | ManageEngine Zoho | M365 Manager Plus |  |  | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
 | ManageEngine Zoho | M365 Security Plus |  |  | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
 | ManageEngine Zoho | RecoveryManager Plus |  |  | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
 | ManageEngine | AD SelfService Plus |  |  | Not Affected |  |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 |
 | ManageEngine | Servicedesk Plus | 11305 and below |  | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
 | MariaDB |  |  |  | Unknown | [link](https://mariadb.com/resources/blog/log4shell-and-mariadb-cve-2021-44228/) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | MathWorks | All MathWorks general release desktop or server products |  |  | Not Affected | [link](https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
 | MathWorks | MATLAB |  |  | Not Affected | [link](https://www.mathworks.com/content/dam/mathworks/policies/mathworks-response-to-cve-2021-44228-log4j-vulnerability.pdf) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
@ -2319,6 +2319,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | Shibboleth | All Products |  |  | Not Affected | [link](https://shibboleth.net/pipermail/announce/2021-December/000253.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
 | Shopify |  |  |  | Unknown | [link](https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Siebel |  |  |  | Unknown | [link](https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Siemens | Affected Products |  |  | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
 | Siemens | Affected Products |  |  | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
 | Siemens Energy | Affected Products |  |  | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
 | Siemens Energy | Affected Products |  |  | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
 | Siemens Energy | Affected Products |  |  | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
@ -2356,8 +2358,6 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | Siemens Healthineers | syngo.via WebViewer VA13B / VA20A / VA20B |  |  | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
 | Siemens Healthineers | X.Ceed Somaris 10 VA40* |  |  | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
 | Siemens Healthineers | X.Cite Somaris 10 VA30*/VA40* |  |  | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
 | Siemens | Affected Products |  |  | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
 | Siemens | Affected Products |  |  | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
 | Sierra Wireless |  |  |  | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Sierra Wireless | AirVantage and Octave cloud platforms |  |  | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | These systems do not operate with the specific non-standard configuration required for CVE-2021-25046 and hence were not vulnerable to it. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
 | Sierra Wireless | AM/AMM servers |  |  | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
@ -2458,8 +2458,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | Splunk | Splunk UBA OVA Software | 5.0.3a, 5.0.0 |  | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
 | Splunk | Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) | 1.1.1 and older |  | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
 | Sprecher Automation |  |  |  | Unknown | [link](https://www.sprecher-automation.com/en/it-security/security-alerts) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Spring Boot |  |  |  | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Spring | Spring Boot |  |  | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Spring Boot |  |  |  | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | StarDog |  |  |  | Unknown | [link](https://community.stardog.com/t/stardog-7-8-1-available/3411) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | STERIS | Advantage |  |  | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
 | STERIS | Advantage Plus |  |  | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
--- a/data/cisagov.yml
+++ b/data/cisagov.yml
--- a/data/cisagov_A.yml
+++ b/data/cisagov_A.yml
--- a/data/cisagov_B.yml
+++ b/data/cisagov_B.yml
@ -33,7 +33,7 @@ software:
    references:
      - ''
    last_updated: '2021-12-16T00:00:00'
-  - vendor: Baxter
+  - vendor: BackBox
    product: ''
    cves:
      cve-2021-4104:
@ -57,12 +57,12 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf
+      - https://updates.backbox.com/V6.5/Docs/CVE-2021-44228.pdf
    notes: ''
    references:
      - ''
-    last_updated: '2021-12-20T00:00:00'
+    last_updated: '2022-01-12T07:18:50+00:00'
-  - vendor: BackBox
+  - vendor: Balbix
    product: ''
    cves:
      cve-2021-4104:
@ -86,12 +86,12 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://updates.backbox.com/V6.5/Docs/CVE-2021-44228.pdf
+      - https://www.balbix.com/blog/broad-exposure-to-log4shell-cve-2021-44228-highlights-how-the-attack-surface-has-exploded/
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:50+00:00'
-  - vendor: Balbix
+  - vendor: Baramundi Products
    product: ''
    cves:
      cve-2021-4104:
@ -115,12 +115,12 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://www.balbix.com/blog/broad-exposure-to-log4shell-cve-2021-44228-highlights-how-the-attack-surface-has-exploded/
+      - https://forum.baramundi.com/index.php?threads/baramundi-produkte-von-log4shell-schwachstelle-in-log4j-nicht-betroffen.12539/#post-62875
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:50+00:00'
-  - vendor: Baramundi Products
+  - vendor: Barco
    product: ''
    cves:
      cve-2021-4104:
@ -144,12 +144,12 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://forum.baramundi.com/index.php?threads/baramundi-produkte-von-log4shell-schwachstelle-in-log4j-nicht-betroffen.12539/#post-62875
+      - https://www.barco.com/en/support/knowledge-base/kb12495
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:50+00:00'
-  - vendor: Barco
+  - vendor: Barracuda
    product: ''
    cves:
      cve-2021-4104:
@ -173,12 +173,12 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://www.barco.com/en/support/knowledge-base/kb12495
+      - https://www.barracuda.com/company/legal/trust-center
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:50+00:00'
-  - vendor: Barracuda
+  - vendor: Baxter
    product: ''
    cves:
      cve-2021-4104:
@ -202,13 +202,13 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://www.barracuda.com/company/legal/trust-center
+      - https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf
    notes: ''
    references:
      - ''
-    last_updated: '2022-01-12T07:18:50+00:00'
+    last_updated: '2021-12-20T00:00:00'
  - vendor: BBraun
-    product: Outlook® Safety Infusion System Pump family
+    product: APEX® Compounder
    cves:
      cve-2021-4104:
        investigated: false
@ -237,8 +237,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: BBraun
-    product: Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor®
+    product: DoseTrac® Server, DoseLink™ Server, and Space® Online Suite Server software
      Space® Infusion
    cves:
      cve-2021-4104:
        investigated: false
@ -267,7 +266,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: BBraun
-    product: Pump, SpaceStation, and Space® Wireless Battery)
+    product: Outlook® Safety Infusion System Pump family
    cves:
      cve-2021-4104:
        investigated: false
@ -296,7 +295,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: BBraun
-    product: DoseTrac® Server, DoseLink™ Server, and Space® Online Suite Server software
+    product: Pinnacle® Compounder
    cves:
      cve-2021-4104:
        investigated: false
@ -325,7 +324,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: BBraun
-    product: Pinnacle® Compounder
+    product: Pump, SpaceStation, and Space® Wireless Battery)
    cves:
      cve-2021-4104:
        investigated: false
@ -354,7 +353,8 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: BBraun
-    product: APEX® Compounder
+    product: Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor®
      Space® Infusion
    cves:
      cve-2021-4104:
        investigated: false
@ -615,7 +615,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: BD
-    product: BD Knowledge Portal for Infusion Technologies
+    product: BD Knowledge Portal for BD Pyxis™ Supply
    cves:
      cve-2021-4104:
        investigated: false
@ -644,7 +644,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: BD
-    product: BD Knowledge Portal for Medication Technologies
+    product: BD Knowledge Portal for Infusion Technologies
    cves:
      cve-2021-4104:
        investigated: false
@ -673,7 +673,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: BD
-    product: BD Knowledge Portal for BD Pyxis™ Supply
+    product: BD Knowledge Portal for Medication Technologies
    cves:
      cve-2021-4104:
        investigated: false
@ -1049,7 +1049,7 @@ software:
    references:
      - ''
    last_updated: '2021-12-22T00:00:00'
-  - vendor: BioMerieux
+  - vendor: Bender
    product: ''
    cves:
      cve-2021-4104:
@ -1073,12 +1073,13 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://www.biomerieux.com/en/cybersecurity-data-privacy
+      - https://www.bender.de/en/cert
    notes: ''
    references:
      - ''
-    last_updated: '2021-12-22T00:00:00'
+    last_updated: '2022-01-12T07:18:50+00:00'
-  - vendor: Bender
+  - vendor: Best Practical Request Tracker (RT) and Request Tracker for Incident Response
      (RTIR)
    product: ''
    cves:
      cve-2021-4104:
@ -1102,14 +1103,13 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://www.bender.de/en/cert
+      - https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:50+00:00'
-  - vendor: Best Practical Request Tracker (RT) and Request Tracker for Incident Response
+  - vendor: BeyondTrust
-      (RTIR)
+    product: Privilege Management Cloud
    product: ''
    cves:
      cve-2021-4104:
        investigated: false
@ -1117,9 +1117,10 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
        affected_versions: []
-        fixed_versions: []
+        fixed_versions:
          - Unknown
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
@ -1132,13 +1133,13 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j
+      - https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell
    notes: ''
    references:
      - ''
-    last_updated: '2022-01-12T07:18:50+00:00'
+    last_updated: '2021-12-17T00:00:00'
  - vendor: BeyondTrust
-    product: Privilege Management Cloud
+    product: Privilege Management Reporting in BeyondInsight
    cves:
      cve-2021-4104:
        investigated: false
@ -1149,7 +1150,7 @@ software:
        investigated: true
        affected_versions: []
        fixed_versions:
-          - Unknown
+          - '21.2'
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
@ -1168,7 +1169,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: BeyondTrust
-    product: Privilege Management Reporting in BeyondInsight
+    product: Secure Remote Access appliances
    cves:
      cve-2021-4104:
        investigated: false
@ -1178,9 +1179,9 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions: []
-        fixed_versions:
+        fixed_versions: []
-          - '21.2'
+        unaffected_versions:
-        unaffected_versions: []
+          - Unknown
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1197,8 +1198,8 @@ software:
    references:
      - ''
    last_updated: '2021-12-17T00:00:00'
-  - vendor: BeyondTrust
+  - vendor: BeyondTrust Bomgar
-    product: Secure Remote Access appliances
+    product: ''
    cves:
      cve-2021-4104:
        investigated: false
@ -1206,11 +1207,10 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - Unknown
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1222,12 +1222,12 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell
+      - https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542
    notes: ''
    references:
      - ''
-    last_updated: '2021-12-17T00:00:00'
+    last_updated: '2022-01-12T07:18:50+00:00'
-  - vendor: BeyondTrust Bomgar
+  - vendor: BioMerieux
    product: ''
    cves:
      cve-2021-4104:
@ -1251,11 +1251,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542
+      - https://www.biomerieux.com/en/cybersecurity-data-privacy
    notes: ''
    references:
      - ''
-    last_updated: '2022-01-12T07:18:50+00:00'
+    last_updated: '2021-12-22T00:00:00'
  - vendor: BisectHosting
    product: ''
    cves:
@ -2590,7 +2590,7 @@ software:
    references:
      - ''
    last_updated: '2022-01-12T07:18:50+00:00'
-  - vendor: Boston Scientific
+  - vendor: Bosch
    product: ''
    cves:
      cve-2021-4104:
@ -2614,12 +2614,12 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf
+      - https://bosch-iot-suite.com/news/apache-log4j-rce-vulnerability/
    notes: ''
    references:
      - ''
-    last_updated: '2021-12-20T00:00:00'
+    last_updated: '2021-12-22T00:00:00'
-  - vendor: Bosch
+  - vendor: Boston Scientific
    product: ''
    cves:
      cve-2021-4104:
@ -2643,11 +2643,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://bosch-iot-suite.com/news/apache-log4j-rce-vulnerability/
+      - https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf
    notes: ''
    references:
      - ''
-    last_updated: '2021-12-22T00:00:00'
+    last_updated: '2021-12-20T00:00:00'
  - vendor: Box
    product: ''
    cves:
--- a/data/cisagov_C.yml
+++ b/data/cisagov_C.yml
@ -121,7 +121,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Canon
-    product: CT Medical Imaging Products
+    product: Alphenix (Angio Workstation)
    cves:
      cve-2021-4104:
        investigated: false
@ -150,7 +150,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Canon
-    product: MR Medical Imaging Products
+    product: CT Medical Imaging Products
    cves:
      cve-2021-4104:
        investigated: false
@ -179,7 +179,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Canon
-    product: UL Medical Imaging Products
+    product: Infinix-i (Angio Workstation)
    cves:
      cve-2021-4104:
        investigated: false
@ -208,7 +208,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Canon
-    product: XR Medical Imaging Products
+    product: MR Medical Imaging Products
    cves:
      cve-2021-4104:
        investigated: false
@ -266,7 +266,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Canon
-    product: Vitrea Advanced 7.x
+    product: UL Medical Imaging Products
    cves:
      cve-2021-4104:
        investigated: false
@ -295,7 +295,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Canon
-    product: Infinix-i (Angio Workstation)
+    product: Vitrea Advanced 7.x
    cves:
      cve-2021-4104:
        investigated: false
@ -324,7 +324,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Canon
-    product: Alphenix (Angio Workstation)
+    product: XR Medical Imaging Products
    cves:
      cve-2021-4104:
        investigated: false
@ -997,65 +997,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco Common Services Platform Collector
+    product: Cisco ACI Multi-Site Orchestrator
    cves:
      cve-2021-4104:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45105:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
      - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
    product: Cisco Network Services Orchestrator (NSO)
    cves:
      cve-2021-4104:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45105:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
      - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
    product: Cisco System Architecture Evolution Gateway (SAEGW)
    cves:
      cve-2021-4104:
        investigated: false
@ -1084,7 +1026,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco ACI Multi-Site Orchestrator
+    product: Cisco ACI Virtual Edge
    cves:
      cve-2021-4104:
        investigated: false
@ -1113,7 +1055,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco ACI Virtual Edge
+    product: Cisco Adaptive Security Appliance (ASA) Software
    cves:
      cve-2021-4104:
        investigated: false
@ -1142,7 +1084,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco Adaptive Security Appliance (ASA) Software
+    product: Cisco Advanced Web Security Reporting Application
    cves:
      cve-2021-4104:
        investigated: false
@ -1171,7 +1113,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco Advanced Web Security Reporting Application
+    product: Cisco AMP Virtual Private Cloud Appliance
    cves:
      cve-2021-4104:
        investigated: false
@ -1200,7 +1142,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco AMP Virtual Private Cloud Appliance
+    product: Cisco AnyConnect Secure Mobility Client
    cves:
      cve-2021-4104:
        investigated: false
@ -1229,7 +1171,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco AnyConnect Secure Mobility Client
+    product: Cisco Application Policy Infrastructure Controller (APIC)
    cves:
      cve-2021-4104:
        investigated: false
@ -1258,7 +1200,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco Application Policy Infrastructure Controller (APIC)
+    product: Cisco ASR 5000 Series Routers
    cves:
      cve-2021-4104:
        investigated: false
@ -1287,7 +1229,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco ASR 5000 Series Routers
+    product: Cisco Broadcloud Calling
    cves:
      cve-2021-4104:
        investigated: false
@ -1316,7 +1258,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco Broadcloud Calling
+    product: Cisco BroadWorks
    cves:
      cve-2021-4104:
        investigated: false
@ -1345,7 +1287,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco BroadWorks
+    product: Cisco Catalyst 9800 Series Wireless Controllers
    cves:
      cve-2021-4104:
        investigated: false
@ -1374,7 +1316,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco Catalyst 9800 Series Wireless Controllers
+    product: Cisco CloudCenter Suite Admin
    cves:
      cve-2021-4104:
        investigated: false
@ -1403,7 +1345,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco CloudCenter Suite Admin
+    product: Cisco CloudCenter Workload Manager
    cves:
      cve-2021-4104:
        investigated: false
@ -1432,7 +1374,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco CloudCenter Workload Manager
+    product: Cisco Cognitive Intelligence
    cves:
      cve-2021-4104:
        investigated: false
@ -1461,7 +1403,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco Cognitive Intelligence
+    product: Cisco Common Services Platform Collector
    cves:
      cve-2021-4104:
        investigated: false
@ -1866,34 +1808,6 @@ software:
    references:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
    product: DUO network gateway (on-prem/self-hosted)
    cves:
      cve-2021-4104:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45105:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
    vendor_links: []
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
    product: Cisco Elastic Services Controller (ESC)
    cves:
@ -2736,6 +2650,35 @@ software:
    references:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
    product: Cisco Network Services Orchestrator (NSO)
    cves:
      cve-2021-4104:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45105:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
      - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
    product: Cisco Nexus 5500 Platform Switches
    cves:
@ -3028,7 +2971,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco Paging Server (InformaCast)
+    product: Cisco Paging Server
    cves:
      cve-2021-4104:
        investigated: false
@ -3057,7 +3000,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco Paging Server
+    product: Cisco Paging Server (InformaCast)
    cves:
      cve-2021-4104:
        investigated: false
@ -3665,6 +3608,35 @@ software:
    references:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
    product: Cisco System Architecture Evolution Gateway (SAEGW)
    cves:
      cve-2021-4104:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45105:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
      - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
    product: Cisco TelePresence Management Suite
    cves:
@ -3956,7 +3928,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco Unified Contact Center Enterprise - Live Data server
+    product: Cisco Unified Contact Center Enterprise
    cves:
      cve-2021-4104:
        investigated: false
@ -3985,7 +3957,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
-    product: Cisco Unified Contact Center Enterprise
+    product: Cisco Unified Contact Center Enterprise - Live Data server
    cves:
      cve-2021-4104:
        investigated: false
@ -4419,6 +4391,34 @@ software:
    references:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
    product: DUO network gateway (on-prem/self-hosted)
    cves:
      cve-2021-4104:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45105:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
    vendor_links: []
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cisco
    product: duo network gateway (on-prem/self-hosted)
    cves:
@ -4811,7 +4811,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Citrix
-    product: ShareFile Storage Zones Controller
+    product: Citrix Virtual Apps and Desktops (XenApp & XenDesktop)
    cves:
      cve-2021-4104:
        investigated: false
@ -4835,16 +4835,19 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://support.citrix.com/article/CTX335705
-    notes: Citrix continues to investigate any potential impact on Citrix-managed
+    notes: 'IMPACTED: Linux VDA (non-LTSR versions only)- CVE-2021-44228 and CVE-2021-45046:
-      cloud services. If, as the investigation continues, any Citrix-managed services
+      Customers are advised to apply the latest update as soon as possible to reduce
-      are found to be affected by this issue, Citrix will take immediate action to
+      the risk of exploitation. [Linux Virtual Delivery Agent 2112](https://www.citrix.com/downloads/citrix-virtual-apps-and-desktops/components/linux-vda-2112.html).
-      remediate the problem. Customers using Citrix-managed cloud services do not
+      See the [Citrix Statement](https://support.citrix.com/article/CTX335705) for
-      need to take any action.
+      additional mitigations. For CVE-2021-45105: Investigation has shown that Linux
      VDA is not impacted. Nonetheless, the Linux VDA 2112 has been updated (21.12.0.30,
      released December 20th) to contain Apache log4j version 2.17.0. NOT IMPACTED:
      Linux VDA LTSR all versions; All other CVAD components.'
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Citrix
-    product: Citrix Virtual Apps and Desktops (XenApp & XenDesktop)
+    product: Citrix Workspace App
    cves:
      cve-2021-4104:
        investigated: false
@ -4852,10 +4855,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
        affected_versions: []
        fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
          - All Platforms
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -4868,19 +4872,16 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://support.citrix.com/article/CTX335705
-    notes: 'IMPACTED: Linux VDA (non-LTSR versions only)- CVE-2021-44228 and CVE-2021-45046:
+    notes: Citrix continues to investigate any potential impact on Citrix-managed
-      Customers are advised to apply the latest update as soon as possible to reduce
+      cloud services. If, as the investigation continues, any Citrix-managed services
-      the risk of exploitation. [Linux Virtual Delivery Agent 2112](https://www.citrix.com/downloads/citrix-virtual-apps-and-desktops/components/linux-vda-2112.html).
+      are found to be affected by this issue, Citrix will take immediate action to
-      See the [Citrix Statement](https://support.citrix.com/article/CTX335705) for
+      remediate the problem. Customers using Citrix-managed cloud services do not
-      additional mitigations. For CVE-2021-45105: Investigation has shown that Linux
+      need to take any action.
      VDA is not impacted. Nonetheless, the Linux VDA 2112 has been updated (21.12.0.30,
      released December 20th) to contain Apache log4j version 2.17.0. NOT IMPACTED:
      Linux VDA LTSR all versions; All other CVAD components.'
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Citrix
-    product: Citrix Workspace App
+    product: ShareFile Storage Zones Controller
    cves:
      cve-2021-4104:
        investigated: false
@ -4888,11 +4889,10 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -6163,7 +6163,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cloudera
-    product: Workload XM (SaaS)
+    product: Workload XM
    cves:
      cve-2021-4104:
        investigated: false
@ -6171,8 +6171,9 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
-        affected_versions: []
+        affected_versions:
          - All versions
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -6192,7 +6193,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:51+00:00'
  - vendor: Cloudera
-    product: Workload XM
+    product: Workload XM (SaaS)
    cves:
      cve-2021-4104:
        investigated: false
@ -6200,9 +6201,8 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
-        affected_versions:
+        affected_versions: []
          - All versions
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -6663,7 +6663,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Confluent
-    product: Confluent Platform
+    product: Confluent ElasticSearch Sink Connector
    cves:
      cve-2021-4104:
        investigated: false
@ -6673,7 +6673,7 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - <7.0.1
+          - <11.1.7
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -6723,7 +6723,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Confluent
-    product: Confluent Kafka Connectors
+    product: Confluent Google DataProc Sink Connector
    cves:
      cve-2021-4104:
        investigated: false
@ -6732,10 +6732,10 @@ software:
        unaffected_versions: []
      cve-2021-44228:
        investigated: true
-        affected_versions: []
+        affected_versions:
          - <1.1.5
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - N/A
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -6753,7 +6753,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Confluent
-    product: Confluent ElasticSearch Sink Connector
+    product: Confluent HDFS 2 Sink Connector
    cves:
      cve-2021-4104:
        investigated: false
@ -6763,7 +6763,7 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - <11.1.7
+          - <10.1.3
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -6783,7 +6783,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Confluent
-    product: Confluent Google DataProc Sink Connector
+    product: Confluent HDFS 3 Sink Connector
    cves:
      cve-2021-4104:
        investigated: false
@ -6793,7 +6793,7 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - <1.1.5
+          - <1.1.8
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -6813,7 +6813,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Confluent
-    product: Confluent Splunk Sink Connector
+    product: Confluent Kafka Connectors
    cves:
      cve-2021-4104:
        investigated: false
@ -6822,10 +6822,10 @@ software:
        unaffected_versions: []
      cve-2021-44228:
        investigated: true
-        affected_versions:
+        affected_versions: []
          - <2.05
        fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
          - N/A
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -6843,7 +6843,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Confluent
-    product: Confluent HDFS 2 Sink Connector
+    product: Confluent Platform
    cves:
      cve-2021-4104:
        investigated: false
@ -6853,7 +6853,7 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - <10.1.3
+          - <7.0.1
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -6873,7 +6873,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Confluent
-    product: Confluent HDFS 3 Sink Connector
+    product: Confluent Splunk Sink Connector
    cves:
      cve-2021-4104:
        investigated: false
@ -6883,7 +6883,7 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - <1.1.8
+          - <2.05
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
--- a/data/cisagov_D.yml
+++ b/data/cisagov_D.yml
--- a/data/cisagov_E.yml
+++ b/data/cisagov_E.yml
@ -356,7 +356,7 @@ software:
      - ''
    last_updated: '2021-12-15T00:00:00'
  - vendor: Elastic
-    product: Elastic Cloud Enterprise
+    product: Elastic Cloud
    cves:
      cve-2021-4104:
        investigated: false
@ -414,7 +414,7 @@ software:
      - ''
    last_updated: '2021-12-15T00:00:00'
  - vendor: Elastic
-    product: Elastic Cloud on Kubernetes
+    product: Elastic Cloud Enterprise
    cves:
      cve-2021-4104:
        investigated: false
@ -443,7 +443,7 @@ software:
      - ''
    last_updated: '2021-12-15T00:00:00'
  - vendor: Elastic
-    product: Elastic Cloud
+    product: Elastic Cloud on Kubernetes
    cves:
      cve-2021-4104:
        investigated: false
@ -795,7 +795,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:52+00:00'
  - vendor: Ellucian
-    product: Banner Analytics
+    product: Admin
    cves:
      cve-2021-4104:
        investigated: false
@ -824,7 +824,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Colleague
+    product: Banner Analytics
    cves:
      cve-2021-4104:
        investigated: false
@ -848,12 +848,12 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue
-    notes: On-prem and cloud deployements expect fixed 12/18/2021
+    notes: ''
    references:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Admin
+    product: Banner Document Management (includes Banner Document Retention)
    cves:
      cve-2021-4104:
        investigated: false
@ -882,7 +882,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Enterprise Identity Services(BEIS)
+    product: Banner Event Publisher
    cves:
      cve-2021-4104:
        investigated: false
@ -969,7 +969,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Banner Workflow
+    product: Banner Self Service
    cves:
      cve-2021-4104:
        investigated: false
@ -998,7 +998,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Banner Document Management (includes Banner Document Retention)
+    product: Banner Workflow
    cves:
      cve-2021-4104:
        investigated: false
@ -1027,7 +1027,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian Advance Web Connector
+    product: Colleague
    cves:
      cve-2021-4104:
        investigated: false
@ -1051,12 +1051,12 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue
-    notes: ''
+    notes: On-prem and cloud deployements expect fixed 12/18/2021
    references:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian eTranscripts
+    product: Colleague Analytics
    cves:
      cve-2021-4104:
        investigated: false
@ -1085,7 +1085,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian Mobile
+    product: CRM Advance
    cves:
      cve-2021-4104:
        investigated: false
@ -1114,7 +1114,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian Solution Manager
+    product: CRM Advise
    cves:
      cve-2021-4104:
        investigated: false
@ -1143,7 +1143,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Banner Event Publisher
+    product: CRM Recruit
    cves:
      cve-2021-4104:
        investigated: false
@ -1172,7 +1172,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Banner Self Service
+    product: Ellucian Advance Web Connector
    cves:
      cve-2021-4104:
        investigated: false
@ -1201,7 +1201,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Colleague Analytics
+    product: Ellucian Data Access
    cves:
      cve-2021-4104:
        investigated: false
@ -1230,7 +1230,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: CRM Advance
+    product: Ellucian Design Path
    cves:
      cve-2021-4104:
        investigated: false
@ -1259,7 +1259,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: CRM Advise
+    product: Ellucian Ellucian Portal
    cves:
      cve-2021-4104:
        investigated: false
@ -1288,7 +1288,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: CRM Recruit
+    product: Ellucian ePrint
    cves:
      cve-2021-4104:
        investigated: false
@ -1317,7 +1317,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian Data Access
+    product: Ellucian Ethos API & API Management Center
    cves:
      cve-2021-4104:
        investigated: false
@ -1346,7 +1346,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian Design Path
+    product: Ellucian Ethos Extend
    cves:
      cve-2021-4104:
        investigated: false
@ -1375,7 +1375,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian ePrint
+    product: Ellucian Ethos Integration
    cves:
      cve-2021-4104:
        investigated: false
@ -1404,7 +1404,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian Ethos API & API Management Center
+    product: Ellucian eTranscripts
    cves:
      cve-2021-4104:
        investigated: false
@ -1433,7 +1433,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian Ethos Extend
+    product: Ellucian Experience
    cves:
      cve-2021-4104:
        investigated: false
@ -1462,7 +1462,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian Ethos Integration
+    product: Ellucian Intelligent Platform (ILP)
    cves:
      cve-2021-4104:
        investigated: false
@ -1491,7 +1491,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian Experience
+    product: Ellucian International Student and Scholar Management (ISSM)
    cves:
      cve-2021-4104:
        investigated: false
@ -1520,7 +1520,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian Intelligent Platform (ILP)
+    product: Ellucian Message Service (EMS)
    cves:
      cve-2021-4104:
        investigated: false
@ -1549,7 +1549,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian International Student and Scholar Management (ISSM)
+    product: Ellucian Messaging Adapter (EMA)
    cves:
      cve-2021-4104:
        investigated: false
@ -1578,7 +1578,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian Message Service (EMS)
+    product: Ellucian Mobile
    cves:
      cve-2021-4104:
        investigated: false
@ -1607,7 +1607,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian Messaging Adapter (EMA)
+    product: Ellucian Payment Gateway
    cves:
      cve-2021-4104:
        investigated: false
@ -1636,7 +1636,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian Payment Gateway
+    product: Ellucian PowerCampus
    cves:
      cve-2021-4104:
        investigated: false
@ -1665,7 +1665,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian Ellucian Portal
+    product: Ellucian Solution Manager
    cves:
      cve-2021-4104:
        investigated: false
@ -1723,7 +1723,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Ellucian
-    product: Ellucian PowerCampus
+    product: Enterprise Identity Services(BEIS)
    cves:
      cve-2021-4104:
        investigated: false
@ -1752,7 +1752,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: K-Series Coriolis Transmitters
+    product: 148 Temperature Transmitter
    cves:
      cve-2021-4104:
        investigated: false
@ -1781,7 +1781,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Prolink Configuration Software
+    product: 2051 Pressure Transmitter Family
    cves:
      cve-2021-4104:
        investigated: false
@ -1810,7 +1810,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Prolink Mobile Application & ProcessViz Software
+    product: 2088 Pressure Transmitter Family
    cves:
      cve-2021-4104:
        investigated: false
@ -1839,7 +1839,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 4732 Endeavor
+    product: 2090F/2090P Pressure Transmitters
    cves:
      cve-2021-4104:
        investigated: false
@ -1868,7 +1868,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Vortex and Magmeter Transmitters
+    product: 215 Pressure Sensor Module
    cves:
      cve-2021-4104:
        investigated: false
@ -1897,7 +1897,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: USM 3410 and 3810 Series Ultrasonic Transmitters
+    product: 248 Configuration Application
    cves:
      cve-2021-4104:
        investigated: false
@ -1926,7 +1926,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Mark III Gas and Liquid USM
+    product: 248 Temperature Transmitter
    cves:
      cve-2021-4104:
        investigated: false
@ -1955,7 +1955,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Flarecheck FlowCheck Flowel & PWAM software
+    product: 3051 & 3051S Pressure transmitter families
    cves:
      cve-2021-4104:
        investigated: false
@ -1984,7 +1984,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: MPFM2600 & MPFM5726
+    product: 3144P Temperature Transmitter
    cves:
      cve-2021-4104:
        investigated: false
@ -2013,7 +2013,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: DHNC1 DHNC2
+    product: 326P Pressure Transmitter
    cves:
      cve-2021-4104:
        investigated: false
@ -2042,7 +2042,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: WCM SWGM
+    product: 326T Temperature Transmitter
    cves:
      cve-2021-4104:
        investigated: false
@ -2071,7 +2071,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Fieldwatch and Service consoles
+    product: 327T Temperature Transmitter
    cves:
      cve-2021-4104:
        investigated: false
@ -2100,7 +2100,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 5726 Transmitter
+    product: 4088 Pressure Transmitter
    cves:
      cve-2021-4104:
        investigated: false
@ -2129,7 +2129,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Plantweb Advisor for Metrology and Metering Suite SDK
+    product: 4088 Upgrade Utility
    cves:
      cve-2021-4104:
        investigated: false
@ -2158,7 +2158,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 'Gas Chromatographs: M500/2350A MON2000 700XA/1500XA 370XA MON2020'
+    product: 4600 Pressure Transmitter
    cves:
      cve-2021-4104:
        investigated: false
@ -2187,7 +2187,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 'Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD)'
+    product: 4732 Endeavor
    cves:
      cve-2021-4104:
        investigated: false
@ -2216,9 +2216,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 'Gas Detection: Millennium II Basic Single & Dual Channel 928 Wireless
+    product: 4732 Endeavor
      Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle
      Monitor'
    cves:
      cve-2021-4104:
        investigated: false
@ -2247,7 +2245,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: K-Series Coriolis Transmitters
+    product: 550 PT Pressure Transmitter
    cves:
      cve-2021-4104:
        investigated: false
@ -2276,7 +2274,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Prolink Configuration Software
+    product: 5726 Transmitter
    cves:
      cve-2021-4104:
        investigated: false
@ -2305,7 +2303,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Prolink Mobile Application & ProcessViz Software
+    product: 5726 Transmitter
    cves:
      cve-2021-4104:
        investigated: false
@ -2334,7 +2332,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 4732 Endeavor
+    product: 644 Temperature Transmitter
    cves:
      cve-2021-4104:
        investigated: false
@ -2363,7 +2361,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Vortex and Magmeter Transmitters
+    product: 648 Temperature Transmitter
    cves:
      cve-2021-4104:
        investigated: false
@ -2392,7 +2390,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: USM 3410 and 3810 Series Ultrasonic Transmitters
+    product: 848T Temperature Transmitter
    cves:
      cve-2021-4104:
        investigated: false
@ -2421,7 +2419,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Mark III Gas and Liquid USM
+    product: 'Combustion: OCX OXT 6888 CX1100 6888Xi'
    cves:
      cve-2021-4104:
        investigated: false
@ -2450,7 +2448,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Flarecheck FlowCheck Flowel & PWAM software
+    product: CT2211 QCL Aerosol Microleak Detection System
    cves:
      cve-2021-4104:
        investigated: false
@ -2479,7 +2477,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: MPFM2600 & MPFM5726
+    product: CT3000 QCL Automotive OEM Gas Analyzer
    cves:
      cve-2021-4104:
        investigated: false
@ -2508,7 +2506,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: DHNC1 DHNC2
+    product: CT4000 QCL Marine OEM Gas Analyzer
    cves:
      cve-2021-4104:
        investigated: false
@ -2537,7 +2535,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: WCM SWGM
+    product: CT4215 QCL Packaging Leak Detection System
    cves:
      cve-2021-4104:
        investigated: false
@ -2566,7 +2564,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Fieldwatch and Service consoles
+    product: CT4400 QCL General Purpose Continuous Gas Analyzer
    cves:
      cve-2021-4104:
        investigated: false
@ -2595,7 +2593,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 5726 Transmitter
+    product: CT4404 QCL pMDI Leak Detection Analyzer
    cves:
      cve-2021-4104:
        investigated: false
@ -2624,7 +2622,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Plantweb Advisor for Metrology and Metering Suite SDK
+    product: CT5100 QCL Field Housing Continuous Gas Analyzer
    cves:
      cve-2021-4104:
        investigated: false
@ -2653,7 +2651,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 'Gas Chromatographs: M500/2350A MON2000 700XA/1500XA 370XA MON2020'
+    product: CT5400 QCL General Purpose Continuous Gas Analyzer
    cves:
      cve-2021-4104:
        investigated: false
@ -2682,7 +2680,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 'Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD)'
+    product: CT5800 QCL Flameproof Housing Continuous Gas Analyzer
    cves:
      cve-2021-4104:
        investigated: false
@ -2711,9 +2709,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 'Gas Detection: Millennium II Basic Single & Dual Channel 928 Wireless
+    product: DHNC1 DHNC2
      Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle
      Monitor'
    cves:
      cve-2021-4104:
        investigated: false
@ -2742,7 +2738,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Incus Ultrasonic gas leak detector
+    product: DHNC1 DHNC2
    cves:
      cve-2021-4104:
        investigated: false
@ -2771,8 +2767,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 'Flame Detection: 975UF & 975UR Infrared Flame Detectors 975HR Infrared
+    product: Emerson Aperio software
      Hydrogen Flame Detector 975MR Multi-Spectrum Infrared Flame Detector'
    cves:
      cve-2021-4104:
        investigated: false
@ -2801,7 +2796,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 'Liquid Transmitters: 5081 1066 1056 1057 56'
+    product: Engineering Assistant 5.x & 6.x
    cves:
      cve-2021-4104:
        investigated: false
@ -2830,7 +2825,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 'Combustion: OCX OXT 6888 CX1100 6888Xi'
+    product: Fieldwatch and Service consoles
    cves:
      cve-2021-4104:
        investigated: false
@ -2859,7 +2854,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Spectrex family Flame Detectors and Rosemount 975 flame detector
+    product: Fieldwatch and Service consoles
    cves:
      cve-2021-4104:
        investigated: false
@ -2888,7 +2883,8 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: CT4400 QCL General Purpose Continuous Gas Analyzer
+    product: 'Flame Detection: 975UF & 975UR Infrared Flame Detectors 975HR Infrared
      Hydrogen Flame Detector 975MR Multi-Spectrum Infrared Flame Detector'
    cves:
      cve-2021-4104:
        investigated: false
@ -2917,7 +2913,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: CT5400 QCL General Purpose Continuous Gas Analyzer
+    product: Flarecheck FlowCheck Flowel & PWAM software
    cves:
      cve-2021-4104:
        investigated: false
@ -2946,7 +2942,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: CT5100 QCL Field Housing Continuous Gas Analyzer
+    product: Flarecheck FlowCheck Flowel & PWAM software
    cves:
      cve-2021-4104:
        investigated: false
@ -2975,7 +2971,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: CT5800 QCL Flameproof Housing Continuous Gas Analyzer
+    product: 'Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD)'
    cves:
      cve-2021-4104:
        investigated: false
@ -3004,7 +3000,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: CT4215 QCL Packaging Leak Detection System
+    product: 'Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD)'
    cves:
      cve-2021-4104:
        investigated: false
@ -3033,7 +3029,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: CT2211 QCL Aerosol Microleak Detection System
+    product: 'Gas Chromatographs: M500/2350A MON2000 700XA/1500XA 370XA MON2020'
    cves:
      cve-2021-4104:
        investigated: false
@ -3062,7 +3058,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: CT4404 QCL pMDI Leak Detection Analyzer
+    product: 'Gas Chromatographs: M500/2350A MON2000 700XA/1500XA 370XA MON2020'
    cves:
      cve-2021-4104:
        investigated: false
@ -3091,7 +3087,9 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: CT4000 QCL Marine OEM Gas Analyzer
+    product: 'Gas Detection: Millennium II Basic Single & Dual Channel 928 Wireless
      Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle
      Monitor'
    cves:
      cve-2021-4104:
        investigated: false
@ -3120,7 +3118,9 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: CT3000 QCL Automotive OEM Gas Analyzer
+    product: 'Gas Detection: Millennium II Basic Single & Dual Channel 928 Wireless
      Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle
      Monitor'
    cves:
      cve-2021-4104:
        investigated: false
@ -3149,7 +3149,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 3051 & 3051S Pressure transmitter families
+    product: Incus Ultrasonic gas leak detector
    cves:
      cve-2021-4104:
        investigated: false
@ -3178,7 +3178,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 2051 Pressure Transmitter Family
+    product: K-Series Coriolis Transmitters
    cves:
      cve-2021-4104:
        investigated: false
@ -3207,7 +3207,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 4088 Pressure Transmitter
+    product: K-Series Coriolis Transmitters
    cves:
      cve-2021-4104:
        investigated: false
@ -3236,7 +3236,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 2088 Pressure Transmitter Family
+    product: 'Liquid Transmitters: 5081 1066 1056 1057 56'
    cves:
      cve-2021-4104:
        investigated: false
@ -3265,7 +3265,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 2090F/2090P Pressure Transmitters
+    product: Mark III Gas and Liquid USM
    cves:
      cve-2021-4104:
        investigated: false
@ -3294,7 +3294,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 4600 Pressure Transmitter
+    product: Mark III Gas and Liquid USM
    cves:
      cve-2021-4104:
        investigated: false
@ -3323,7 +3323,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 215 Pressure Sensor Module
+    product: MPFM2600 & MPFM5726
    cves:
      cve-2021-4104:
        investigated: false
@ -3352,7 +3352,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 550 PT Pressure Transmitter
+    product: MPFM2600 & MPFM5726
    cves:
      cve-2021-4104:
        investigated: false
@ -3381,7 +3381,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 326P Pressure Transmitter
+    product: Plantweb Advisor for Metrology and Metering Suite SDK
    cves:
      cve-2021-4104:
        investigated: false
@ -3410,7 +3410,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 3144P Temperature Transmitter
+    product: Plantweb Advisor for Metrology and Metering Suite SDK
    cves:
      cve-2021-4104:
        investigated: false
@ -3439,7 +3439,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 644 Temperature Transmitter
+    product: Prolink Configuration Software
    cves:
      cve-2021-4104:
        investigated: false
@ -3468,7 +3468,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 848T Temperature Transmitter
+    product: Prolink Configuration Software
    cves:
      cve-2021-4104:
        investigated: false
@ -3497,7 +3497,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 148 Temperature Transmitter
+    product: Prolink Mobile Application & ProcessViz Software
    cves:
      cve-2021-4104:
        investigated: false
@ -3526,7 +3526,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 248 Temperature Transmitter
+    product: Prolink Mobile Application & ProcessViz Software
    cves:
      cve-2021-4104:
        investigated: false
@ -3555,7 +3555,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 326T Temperature Transmitter
+    product: Rosemount 2230 Graphical Field Display
    cves:
      cve-2021-4104:
        investigated: false
@ -3584,7 +3584,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 327T Temperature Transmitter
+    product: Rosemount 2240S Multi-input Temperature Transmitter
    cves:
      cve-2021-4104:
        investigated: false
@ -3613,7 +3613,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 648 Temperature Transmitter
+    product: Rosemount 2410 Tank Hub
    cves:
      cve-2021-4104:
        investigated: false
@ -3642,7 +3642,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 4088 Upgrade Utility
+    product: Rosemount 2460 System Hub
    cves:
      cve-2021-4104:
        investigated: false
@ -3671,7 +3671,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Engineering Assistant 5.x & 6.x
+    product: Rosemount 3490 Controller
    cves:
      cve-2021-4104:
        investigated: false
@ -3700,7 +3700,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: 248 Configuration Application
+    product: Rosemount CMS/IOU 61
    cves:
      cve-2021-4104:
        investigated: false
@ -3729,7 +3729,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Rosemount IO-Link Assistant
+    product: Rosemount CMS/SCU 51/SCC
    cves:
      cve-2021-4104:
        investigated: false
@ -3758,7 +3758,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Rosemount TankMaster and TankMaster Mobile
+    product: Rosemount CMS/WSU 51/SWF 51
    cves:
      cve-2021-4104:
        investigated: false
@ -3787,7 +3787,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Rosemount RadarMaster and RadarMaster Plus
+    product: Rosemount IO-Link Assistant
    cves:
      cve-2021-4104:
        investigated: false
@ -3816,7 +3816,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Rosemount Radar Configuration Tool
+    product: Rosemount Level Detectors (21xx)
    cves:
      cve-2021-4104:
        investigated: false
@ -3845,7 +3845,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Rosemount 2460 System Hub
+    product: Rosemount Level Transmitters (14xx 33xx 53xx 54xx 56xx)
    cves:
      cve-2021-4104:
        investigated: false
@ -3874,7 +3874,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Rosemount 2410 Tank Hub
+    product: Rosemount Radar Configuration Tool
    cves:
      cve-2021-4104:
        investigated: false
@ -3903,7 +3903,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Rosemount 3490 Controller
+    product: Rosemount Radar Level Gauges (Pro 39xx 59xx)
    cves:
      cve-2021-4104:
        investigated: false
@ -3932,7 +3932,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Rosemount 2230 Graphical Field Display
+    product: Rosemount RadarMaster and RadarMaster Plus
    cves:
      cve-2021-4104:
        investigated: false
@ -3961,7 +3961,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Rosemount 2240S Multi-input Temperature Transmitter
+    product: Rosemount Tank Radar Gauges (TGUxx)
    cves:
      cve-2021-4104:
        investigated: false
@ -3990,7 +3990,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Rosemount CMS/SCU 51/SCC
+    product: Rosemount TankMaster and TankMaster Mobile
    cves:
      cve-2021-4104:
        investigated: false
@ -4019,7 +4019,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Rosemount CMS/WSU 51/SWF 51
+    product: Spectrex family Flame Detectors and Rosemount 975 flame detector
    cves:
      cve-2021-4104:
        investigated: false
@ -4048,7 +4048,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Rosemount CMS/IOU 61
+    product: USM 3410 and 3810 Series Ultrasonic Transmitters
    cves:
      cve-2021-4104:
        investigated: false
@ -4077,7 +4077,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Rosemount Level Transmitters (14xx 33xx 53xx 54xx 56xx)
+    product: USM 3410 and 3810 Series Ultrasonic Transmitters
    cves:
      cve-2021-4104:
        investigated: false
@ -4106,7 +4106,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Rosemount Radar Level Gauges (Pro 39xx 59xx)
+    product: Vortex and Magmeter Transmitters
    cves:
      cve-2021-4104:
        investigated: false
@ -4135,7 +4135,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Rosemount Tank Radar Gauges (TGUxx)
+    product: Vortex and Magmeter Transmitters
    cves:
      cve-2021-4104:
        investigated: false
@ -4164,7 +4164,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Rosemount Level Detectors (21xx)
+    product: WCM SWGM
    cves:
      cve-2021-4104:
        investigated: false
@ -4193,7 +4193,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Emerson
-    product: Emerson Aperio software
+    product: WCM SWGM
    cves:
      cve-2021-4104:
        investigated: false
--- a/data/cisagov_F.yml
+++ b/data/cisagov_F.yml
@ -243,7 +243,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:52+00:00'
  - vendor: F5
-    product: Traffix SDC
+    product: NGINX App Protect
    cves:
      cve-2021-4104:
        investigated: false
@ -252,11 +252,10 @@ software:
        unaffected_versions: []
      cve-2021-44228:
        investigated: true
-        affected_versions:
+        affected_versions: []
          - 5.x (5.2.0 CF1
          - 5.1.0 CF-30 - 5.1.0 CF-33)
        fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
          - 3.x
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -269,13 +268,12 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://support.f5.com/csp/article/K19026212
-    notes: 'Vulnerable components: EMS-ELK components (Fluentd + Elastic Search +
+    notes: ''
      Kibana), Element Management System'
    references:
      - ''
    last_updated: '2022-01-12T07:18:52+00:00'
  - vendor: F5
-    product: NGINX Plus
+    product: NGINX Controller
    cves:
      cve-2021-4104:
        investigated: false
@ -287,7 +285,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - R19 - R25
+          - 3.x
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -305,7 +303,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:52+00:00'
  - vendor: F5
-    product: NGINX Open Source
+    product: NGINX Ingress Controller
    cves:
      cve-2021-4104:
        investigated: false
@ -317,7 +315,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 1.x
+          - 1.x - 2.x
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -335,7 +333,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:52+00:00'
  - vendor: F5
-    product: NGINX Unit
+    product: NGINX Instance Manager
    cves:
      cve-2021-4104:
        investigated: false
@ -365,7 +363,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:52+00:00'
  - vendor: F5
-    product: NGINX App Protect
+    product: NGINX Open Source
    cves:
      cve-2021-4104:
        investigated: false
@ -377,7 +375,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 3.x
+          - 1.x
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -395,7 +393,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:52+00:00'
  - vendor: F5
-    product: NGINX Controller
+    product: NGINX Plus
    cves:
      cve-2021-4104:
        investigated: false
@ -407,7 +405,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 3.x
+          - R19 - R25
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -425,7 +423,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:52+00:00'
  - vendor: F5
-    product: NGINX Ingress Controller
+    product: NGINX Service Mesh
    cves:
      cve-2021-4104:
        investigated: false
@ -437,7 +435,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 1.x - 2.x
+          - 1.x
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -455,7 +453,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:52+00:00'
  - vendor: F5
-    product: NGINX Instance Manager
+    product: NGINX Unit
    cves:
      cve-2021-4104:
        investigated: false
@ -485,7 +483,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:52+00:00'
  - vendor: F5
-    product: NGINX Service Mesh
+    product: Traffix SDC
    cves:
      cve-2021-4104:
        investigated: false
@ -494,10 +492,11 @@ software:
        unaffected_versions: []
      cve-2021-44228:
        investigated: true
-        affected_versions: []
+        affected_versions:
          - 5.x (5.2.0 CF1
          - 5.1.0 CF-30 - 5.1.0 CF-33)
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - 1.x
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -510,7 +509,8 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://support.f5.com/csp/article/K19026212
-    notes: ''
+    notes: 'Vulnerable components: EMS-ELK components (Fluentd + Elastic Search +
      Kibana), Element Management System'
    references:
      - ''
    last_updated: '2022-01-12T07:18:52+00:00'
--- a/data/cisagov_G.yml
+++ b/data/cisagov_G.yml
@ -65,7 +65,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: GE Gas Power
-    product: Baseline Security Center (BSC)
+    product: Asset Performance Management (APM)
    cves:
      cve-2021-4104:
        investigated: false
@ -89,13 +89,12 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf
-    notes: Vulnerability to be fixed by vendor provided workaround. No user actions
+    notes: GE verifying workaround.
      necessary. Contact GE for details.
    references:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: GE Gas Power
-    product: Baseline Security Center (BSC) 2.0
+    product: Baseline Security Center (BSC)
    cves:
      cve-2021-4104:
        investigated: false
@ -120,12 +119,12 @@ software:
    vendor_links:
      - https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf
    notes: Vulnerability to be fixed by vendor provided workaround. No user actions
-      necessary. Contact GE for details
+      necessary. Contact GE for details.
    references:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: GE Gas Power
-    product: Asset Performance Management (APM)
+    product: Baseline Security Center (BSC) 2.0
    cves:
      cve-2021-4104:
        investigated: false
@ -149,7 +148,8 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf
-    notes: GE verifying workaround.
+    notes: Vulnerability to be fixed by vendor provided workaround. No user actions
      necessary. Contact GE for details
    references:
      - ''
    last_updated: '2021-12-22T00:00:00'
@ -536,7 +536,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:52+00:00'
  - vendor: GoAnywhere
-    product: MFT
+    product: Gateway
    cves:
      cve-2021-4104:
        investigated: false
@ -546,7 +546,7 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - < 6.8.6
+          - < 2.8.4
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -566,7 +566,7 @@ software:
      - ''
    last_updated: '2021-12-18T00:00:00'
  - vendor: GoAnywhere
-    product: Gateway
+    product: MFT
    cves:
      cve-2021-4104:
        investigated: false
@ -576,7 +576,7 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - < 2.8.4
+          - < 6.8.6
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -679,12 +679,13 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html
-    notes: Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability.
+    notes: Chrome Browser releases, infrastructure and admin console are not using
      versions of Log4j affected by the vulnerability.
    references:
      - ''
    last_updated: '2022-01-14'
  - vendor: Google Cloud
-    product: AI Platform Data Labeling
+    product: Access Transparency
    cves:
      cve-2021-4104:
        investigated: false
@ -714,7 +715,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: AI Platform Neural Architecture Search (NAS)
+    product: Actifio
    cves:
      cve-2021-4104:
        investigated: false
@ -738,13 +739,15 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://cloud.google.com/log4j2-security-advisory
-    notes: Product does not use Log4j 2 and is not impacted by the issues identified
+    notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and
-      in CVE-2021-44228 and CVE-2021-45046.
+      has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com)
      for the full statement and to obtain the hotfix (available to Actifio customers
      only).
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: AI Platform Training and Prediction
+    product: AI Platform Data Labeling
    cves:
      cve-2021-4104:
        investigated: false
@ -774,7 +777,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Access Transparency
+    product: AI Platform Neural Architecture Search (NAS)
    cves:
      cve-2021-4104:
        investigated: false
@ -804,7 +807,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Actifio
+    product: AI Platform Training and Prediction
    cves:
      cve-2021-4104:
        investigated: false
@ -828,10 +831,8 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://cloud.google.com/log4j2-security-advisory
-    notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and
+    notes: Product does not use Log4j 2 and is not impacted by the issues identified
-      has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com)
+      in CVE-2021-44228 and CVE-2021-45046.
      for the full statement and to obtain the hotfix (available to Actifio customers
      only).
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
@ -989,7 +990,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Anthos Premium Software
+    product: Anthos on VMWare
    cves:
      cve-2021-4104:
        investigated: false
@ -1014,12 +1015,16 @@ software:
    vendor_links:
      - https://cloud.google.com/log4j2-security-advisory
    notes: Product does not use Log4j 2 and is not impacted by the issues identified
-      in CVE-2021-44228 and CVE-2021-45046.
+      in CVE-2021-44228 and CVE-2021-45046.  We strongly encourage customers to check
      VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds
      to their VMware products as they become available. We also recommend customers
      review their respective applications and workloads affected by the same vulnerabilities
      and apply appropriate patches.
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Anthos Service Mesh
+    product: Anthos Premium Software
    cves:
      cve-2021-4104:
        investigated: false
@ -1049,7 +1054,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Anthos on VMWare
+    product: Anthos Service Mesh
    cves:
      cve-2021-4104:
        investigated: false
@ -1074,11 +1079,7 @@ software:
    vendor_links:
      - https://cloud.google.com/log4j2-security-advisory
    notes: Product does not use Log4j 2 and is not impacted by the issues identified
-      in CVE-2021-44228 and CVE-2021-45046.  We strongly encourage customers to check
+      in CVE-2021-44228 and CVE-2021-45046.
      VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds
      to their VMware products as they become available. We also recommend customers
      review their respective applications and workloads affected by the same vulnerabilities
      and apply appropriate patches.
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
@ -1793,7 +1794,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Cloud DNS
+    product: Cloud Data Loss Prevention
    cves:
      cve-2021-4104:
        investigated: false
@ -1821,9 +1822,9 @@ software:
      in CVE-2021-44228 and CVE-2021-45046.
    references:
      - ''
-    last_updated: '2021-12-20T00:00:00'
+    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Cloud Data Loss Prevention
+    product: Cloud Debugger
    cves:
      cve-2021-4104:
        investigated: false
@ -1853,7 +1854,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Cloud Debugger
+    product: Cloud Deployment Manager
    cves:
      cve-2021-4104:
        investigated: false
@ -1883,7 +1884,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Cloud Deployment Manager
+    product: Cloud DNS
    cves:
      cve-2021-4104:
        investigated: false
@ -1911,7 +1912,7 @@ software:
      in CVE-2021-44228 and CVE-2021-45046.
    references:
      - ''
-    last_updated: '2021-12-21T00:00:00'
+    last_updated: '2021-12-20T00:00:00'
  - vendor: Google Cloud
    product: Cloud Endpoints
    cves:
@ -2036,7 +2037,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Cloud Intrusion Detection System (IDS)
+    product: Cloud Interconnect
    cves:
      cve-2021-4104:
        investigated: false
@ -2066,7 +2067,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Cloud Interconnect
+    product: Cloud Intrusion Detection System (IDS)
    cves:
      cve-2021-4104:
        investigated: false
@ -2186,7 +2187,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Cloud Network Address Translation (NAT)
+    product: Cloud Natural Language API
    cves:
      cve-2021-4104:
        investigated: false
@ -2214,9 +2215,9 @@ software:
      in CVE-2021-44228 and CVE-2021-45046.
    references:
      - ''
-    last_updated: '2021-12-20T00:00:00'
+    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Cloud Natural Language API
+    product: Cloud Network Address Translation (NAT)
    cves:
      cve-2021-4104:
        investigated: false
@ -2244,7 +2245,7 @@ software:
      in CVE-2021-44228 and CVE-2021-45046.
    references:
      - ''
-    last_updated: '2021-12-21T00:00:00'
+    last_updated: '2021-12-20T00:00:00'
  - vendor: Google Cloud
    product: Cloud Profiler
    cves:
@ -2372,7 +2373,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Cloud SDK
+    product: Cloud Scheduler
    cves:
      cve-2021-4104:
        investigated: false
@ -2402,7 +2403,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Cloud SQL
+    product: Cloud SDK
    cves:
      cve-2021-4104:
        investigated: false
@ -2430,9 +2431,9 @@ software:
      in CVE-2021-44228 and CVE-2021-45046.
    references:
      - ''
-    last_updated: '2021-12-19T00:00:00'
+    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Cloud Scheduler
+    product: Cloud Shell
    cves:
      cve-2021-4104:
        investigated: false
@ -2457,12 +2458,15 @@ software:
    vendor_links:
      - https://cloud.google.com/log4j2-security-advisory
    notes: Product does not use Log4j 2 and is not impacted by the issues identified
-      in CVE-2021-44228 and CVE-2021-45046.
+      in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
      logging solution that uses Log4j 2. We strongly encourage customers who manage
      Cloud Shell environments to identify components dependent on Log4j 2 and update
      them to the latest version.
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Cloud Shell
+    product: Cloud Source Repositories
    cves:
      cve-2021-4104:
        investigated: false
@ -2487,15 +2491,12 @@ software:
    vendor_links:
      - https://cloud.google.com/log4j2-security-advisory
    notes: Product does not use Log4j 2 and is not impacted by the issues identified
-      in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate
+      in CVE-2021-44228 and CVE-2021-45046.
      logging solution that uses Log4j 2. We strongly encourage customers who manage
      Cloud Shell environments to identify components dependent on Log4j 2 and update
      them to the latest version.
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Cloud Source Repositories
+    product: Cloud Spanner
    cves:
      cve-2021-4104:
        investigated: false
@ -2523,9 +2524,9 @@ software:
      in CVE-2021-44228 and CVE-2021-45046.
    references:
      - ''
-    last_updated: '2021-12-21T00:00:00'
+    last_updated: '2021-12-19T00:00:00'
  - vendor: Google Cloud
-    product: Cloud Spanner
+    product: Cloud SQL
    cves:
      cve-2021-4104:
        investigated: false
@ -2705,7 +2706,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Cloud VPN
+    product: Cloud Vision
    cves:
      cve-2021-4104:
        investigated: false
@ -2733,9 +2734,9 @@ software:
      in CVE-2021-44228 and CVE-2021-45046.
    references:
      - ''
-    last_updated: '2021-12-20T00:00:00'
+    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Cloud Vision
+    product: Cloud Vision OCR On-Prem
    cves:
      cve-2021-4104:
        investigated: false
@ -2765,7 +2766,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Google Cloud
-    product: Cloud Vision OCR On-Prem
+    product: Cloud VPN
    cves:
      cve-2021-4104:
        investigated: false
@ -2793,7 +2794,7 @@ software:
      in CVE-2021-44228 and CVE-2021-45046.
    references:
      - ''
-    last_updated: '2021-12-21T00:00:00'
+    last_updated: '2021-12-20T00:00:00'
  - vendor: Google Cloud
    product: CompilerWorks
    cves:
@ -4866,7 +4867,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:53+00:00'
  - vendor: Gravitee
-    product: API Management
+    product: Alert Engine
    cves:
      cve-2021-4104:
        investigated: false
@ -4878,7 +4879,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 3.10.x
+          - 1.5.x
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -4896,7 +4897,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:53+00:00'
  - vendor: Gravitee
-    product: API Management
+    product: Alert Engine
    cves:
      cve-2021-4104:
        investigated: false
@ -4908,7 +4909,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 3.5.x
+          - 1.4.x
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -4926,7 +4927,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:53+00:00'
  - vendor: Gravitee
-    product: Alert Engine
+    product: API Management
    cves:
      cve-2021-4104:
        investigated: false
@ -4938,7 +4939,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 1.5.x
+          - 3.10.x
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -4956,7 +4957,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:53+00:00'
  - vendor: Gravitee
-    product: Alert Engine
+    product: API Management
    cves:
      cve-2021-4104:
        investigated: false
@ -4968,7 +4969,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 1.4.x
+          - 3.5.x
      cve-2021-45046:
        investigated: false
        affected_versions: []
--- a/data/cisagov_H.yml
+++ b/data/cisagov_H.yml
--- a/data/cisagov_I.yml
+++ b/data/cisagov_I.yml
--- a/data/cisagov_J.yml
+++ b/data/cisagov_J.yml
@ -209,9 +209,8 @@ software:
      - ''
    last_updated: '2021-12-16T00:00:00'
  - vendor: JetBrains
-    product: IntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand,
+    product: All .NET tools (ReSharper, Rider, ReSharper C++, dotTrace, dotMemory,
-      IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu,
+      dotCover, dotPeek)
      Rider, RubyMine, WebStorm)
    cves:
      cve-2021-4104:
        investigated: false
@ -240,9 +239,8 @@ software:
    references:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
-  - vendor: JetBrains
+  - vendor: Jetbrains
-    product: All .NET tools (ReSharper, Rider, ReSharper C++, dotTrace, dotMemory,
+    product: Code With Me
      dotCover, dotPeek)
    cves:
      cve-2021-4104:
        investigated: false
@ -252,9 +250,9 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions: []
-        fixed_versions: []
+        fixed_versions:
        unaffected_versions:
          - Unknown
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -272,7 +270,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: JetBrains
-    product: ToolBox
+    product: Datalore
    cves:
      cve-2021-4104:
        investigated: false
@ -302,7 +300,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: JetBrains
-    product: TeamCity
+    product: Floating license server
    cves:
      cve-2021-4104:
        investigated: false
@ -312,9 +310,9 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions: []
-        fixed_versions: []
+        fixed_versions:
-        unaffected_versions:
+          - '30211'
-          - Unknown
+        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -326,13 +324,13 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://youtrack.jetbrains.com/issue/TW-74298
+      - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: JetBrains
-    product: Hub
+    product: Gateway
    cves:
      cve-2021-4104:
        investigated: false
@ -342,9 +340,9 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions: []
-        fixed_versions:
+        fixed_versions: []
-          - 2021.1.14080
+        unaffected_versions:
-        unaffected_versions: []
+          - Unknown
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -356,13 +354,13 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://blog.jetbrains.com/hub/2021/12/14/hub-update-regarding-log4j2-vulnerability/
+      - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: JetBrains
-    product: YouTrack Standalone
+    product: Hub
    cves:
      cve-2021-4104:
        investigated: false
@ -373,7 +371,7 @@ software:
        investigated: true
        affected_versions: []
        fixed_versions:
-          - 2021.4.35970
+          - 2021.1.14080
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
@ -386,13 +384,15 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://blog.jetbrains.com/youtrack/2021/12/youtrack-update-regarding-log4j2-vulnerability/
+      - https://blog.jetbrains.com/hub/2021/12/14/hub-update-regarding-log4j2-vulnerability/
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: JetBrains
-    product: YouTrack InCloud
+    product: IntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand,
      IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu,
      Rider, RubyMine, WebStorm)
    cves:
      cve-2021-4104:
        investigated: false
@ -402,9 +402,9 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions: []
-        fixed_versions:
+        fixed_versions: []
        unaffected_versions:
          - Unknown
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -422,7 +422,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: JetBrains
-    product: Datalore
+    product: Kotlin
    cves:
      cve-2021-4104:
        investigated: false
@ -452,7 +452,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: JetBrains
-    product: Space
+    product: Ktor
    cves:
      cve-2021-4104:
        investigated: false
@ -481,8 +481,8 @@ software:
    references:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
-  - vendor: Jetbrains
+  - vendor: JetBrains
-    product: Code With Me
+    product: MPS
    cves:
      cve-2021-4104:
        investigated: false
@ -492,9 +492,9 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions: []
-        fixed_versions:
+        fixed_versions: []
        unaffected_versions:
          - Unknown
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -512,7 +512,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: JetBrains
-    product: Gateway
+    product: Space
    cves:
      cve-2021-4104:
        investigated: false
@ -542,7 +542,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: JetBrains
-    product: Kotlin
+    product: TeamCity
    cves:
      cve-2021-4104:
        investigated: false
@ -566,13 +566,13 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/
+      - https://youtrack.jetbrains.com/issue/TW-74298
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: JetBrains
-    product: Ktor
+    product: ToolBox
    cves:
      cve-2021-4104:
        investigated: false
@ -602,7 +602,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: JetBrains
-    product: MPS
+    product: UpSource
    cves:
      cve-2021-4104:
        investigated: false
@ -612,9 +612,9 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions: []
-        fixed_versions: []
+        fixed_versions:
-        unaffected_versions:
+          - 2020.1.1952
-          - Unknown
+        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -632,7 +632,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: JetBrains
-    product: Floating license server
+    product: YouTrack InCloud
    cves:
      cve-2021-4104:
        investigated: false
@ -643,7 +643,7 @@ software:
        investigated: true
        affected_versions: []
        fixed_versions:
-          - '30211'
+          - Unknown
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
@ -662,7 +662,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: JetBrains
-    product: UpSource
+    product: YouTrack Standalone
    cves:
      cve-2021-4104:
        investigated: false
@ -673,7 +673,7 @@ software:
        investigated: true
        affected_versions: []
        fixed_versions:
-          - 2020.1.1952
+          - 2021.4.35970
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
@ -686,7 +686,7 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/
+      - https://blog.jetbrains.com/youtrack/2021/12/youtrack-update-regarding-log4j2-vulnerability/
    notes: ''
    references:
      - ''
@ -778,8 +778,8 @@ software:
    references:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
-  - vendor: jPOS
+  - vendor: Johnson Controls
-    product: (ISO-8583) bridge
+    product: BCPro
    cves:
      cve-2021-4104:
        investigated: false
@ -791,7 +791,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - Unknown
+          - All versions
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -803,13 +803,13 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://github.com/jpos/jPOS/commit/d615199a1bdd35c35d63c07c10fd0bdbbc96f625
+      - https://www.johnsoncontrols.com/cyber-solutions/security-advisories
    notes: ''
    references:
      - ''
-    last_updated: '2022-01-12T07:18:54+00:00'
+    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: C•CURE‐9000
+    product: CEM AC2000
    cves:
      cve-2021-4104:
        investigated: false
@ -821,7 +821,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 2.90.x (all 2.90 versions)
+          - All versions
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -839,7 +839,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: C•CURE‐9000
+    product: CEM Hardware Products
    cves:
      cve-2021-4104:
        investigated: false
@ -851,7 +851,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 2.80.x (all 2.80 versions)
+          - All versions
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -869,7 +869,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: C•CURE‐9000
+    product: CloudVue Gateway
    cves:
      cve-2021-4104:
        investigated: false
@ -881,7 +881,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 2.70 (All versions)
+          - All versions
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -899,7 +899,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: C•CURE‐9000
+    product: CloudVue Web
    cves:
      cve-2021-4104:
        investigated: false
@ -911,7 +911,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 2.60 (All versions)
+          - All versions
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -929,7 +929,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: victor
+    product: C•CURE‐9000
    cves:
      cve-2021-4104:
        investigated: false
@ -941,7 +941,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 5.x
+          - 2.90.x (all 2.90 versions)
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -959,7 +959,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: victor/ C•CURE‐9000 Unified
+    product: C•CURE‐9000
    cves:
      cve-2021-4104:
        investigated: false
@ -971,7 +971,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 3.81.x / victor 5.4.1 / C•CURE‐9000 2.80
+          - 2.80.x (all 2.80 versions)
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -989,7 +989,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: victor/ C•CURE‐9000 Unified
+    product: C•CURE‐9000
    cves:
      cve-2021-4104:
        investigated: false
@ -1001,7 +1001,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 3.91.x / victor 5.6.1 / C•CURE‐9000 2.90
+          - 2.70 (All versions)
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1019,7 +1019,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: Metasys Products and Tools
+    product: C•CURE‐9000
    cves:
      cve-2021-4104:
        investigated: false
@ -1031,7 +1031,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - All versions
+          - 2.60 (All versions)
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1049,7 +1049,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: Facility Explorer
+    product: DLS
    cves:
      cve-2021-4104:
        investigated: false
@ -1061,7 +1061,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 14.x
+          - All versions
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1079,7 +1079,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: CEM AC2000
+    product: Entrapass
    cves:
      cve-2021-4104:
        investigated: false
@ -1109,7 +1109,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: CEM Hardware Products
+    product: exacqVision Client
    cves:
      cve-2021-4104:
        investigated: false
@ -1139,7 +1139,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: Illustra Cameras
+    product: exacqVision Server
    cves:
      cve-2021-4104:
        investigated: false
@ -1169,7 +1169,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: Illustra Insight
+    product: exacqVision WebService
    cves:
      cve-2021-4104:
        investigated: false
@ -1199,7 +1199,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: Tyco AI
+    product: Facility Explorer
    cves:
      cve-2021-4104:
        investigated: false
@ -1211,7 +1211,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - All versions
+          - 14.x
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1229,7 +1229,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: DLS
+    product: Illustra Cameras
    cves:
      cve-2021-4104:
        investigated: false
@ -1259,7 +1259,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: Entrapass
+    product: Illustra Insight
    cves:
      cve-2021-4104:
        investigated: false
@ -1289,7 +1289,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: CloudVue Web
+    product: iSTAR
    cves:
      cve-2021-4104:
        investigated: false
@ -1319,7 +1319,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: CloudVue Gateway
+    product: Metasys Products and Tools
    cves:
      cve-2021-4104:
        investigated: false
@ -1349,7 +1349,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: Qolsys IQ Panels
+    product: PowerSeries NEO
    cves:
      cve-2021-4104:
        investigated: false
@ -1379,7 +1379,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: PowerSeries NEO
+    product: PowerSeries Pro
    cves:
      cve-2021-4104:
        investigated: false
@ -1409,7 +1409,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: PowerSeries Pro
+    product: Qolsys IQ Panels
    cves:
      cve-2021-4104:
        investigated: false
@ -1469,7 +1469,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: VideoEdge
+    product: Tyco AI
    cves:
      cve-2021-4104:
        investigated: false
@ -1481,7 +1481,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 5.x
+          - All versions
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1499,7 +1499,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: exacqVision Server
+    product: victor
    cves:
      cve-2021-4104:
        investigated: false
@ -1511,7 +1511,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - All versions
+          - 5.x
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1529,7 +1529,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: exacqVision Client
+    product: victor/ C•CURE‐9000 Unified
    cves:
      cve-2021-4104:
        investigated: false
@ -1541,7 +1541,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - All versions
+          - 3.81.x / victor 5.4.1 / C•CURE‐9000 2.80
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1559,7 +1559,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: exacqVision WebService
+    product: victor/ C•CURE‐9000 Unified
    cves:
      cve-2021-4104:
        investigated: false
@ -1571,7 +1571,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - All versions
+          - 3.91.x / victor 5.6.1 / C•CURE‐9000 2.90
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1589,7 +1589,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Johnson Controls
-    product: BCPro
+    product: VideoEdge
    cves:
      cve-2021-4104:
        investigated: false
@ -1601,7 +1601,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - All versions
+          - 5.x
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1618,8 +1618,8 @@ software:
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
-  - vendor: Johnson Controls
+  - vendor: Journyx
-    product: iSTAR
+    product: ''
    cves:
      cve-2021-4104:
        investigated: false
@ -1627,11 +1627,10 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All versions
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1643,13 +1642,13 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://www.johnsoncontrols.com/cyber-solutions/security-advisories
+      - https://community.journyx.com/support/solutions/articles/9000209044-apache-log4j-2-vulnerability-cve-2021-44228-
    notes: ''
    references:
      - ''
-    last_updated: '2021-12-21T00:00:00'
+    last_updated: '2022-01-12T07:18:54+00:00'
-  - vendor: Journyx
+  - vendor: jPOS
-    product: ''
+    product: (ISO-8583) bridge
    cves:
      cve-2021-4104:
        investigated: false
@ -1657,10 +1656,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
        affected_versions: []
        fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
          - Unknown
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1672,7 +1672,7 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://community.journyx.com/support/solutions/articles/9000209044-apache-log4j-2-vulnerability-cve-2021-44228-
+      - https://github.com/jpos/jPOS/commit/d615199a1bdd35c35d63c07c10fd0bdbbc96f625
    notes: ''
    references:
      - ''
--- a/data/cisagov_L.yml
+++ b/data/cisagov_L.yml
@ -614,7 +614,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Leica BIOSYSTEMS
-    product: BOND-ADVANCE
+    product: BOND Controller
    cves:
      cve-2021-4104:
        investigated: false
@ -643,7 +643,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Leica BIOSYSTEMS
-    product: BOND Controller
+    product: BOND RX
    cves:
      cve-2021-4104:
        investigated: false
@ -672,7 +672,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Leica BIOSYSTEMS
-    product: BOND-III
+    product: BOND RXm
    cves:
      cve-2021-4104:
        investigated: false
@ -701,7 +701,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Leica BIOSYSTEMS
-    product: BOND-MAX
+    product: BOND-ADVANCE
    cves:
      cve-2021-4104:
        investigated: false
@ -730,7 +730,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Leica BIOSYSTEMS
-    product: BOND RX
+    product: BOND-III
    cves:
      cve-2021-4104:
        investigated: false
@ -759,7 +759,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Leica BIOSYSTEMS
-    product: BOND RXm
+    product: BOND-MAX
    cves:
      cve-2021-4104:
        investigated: false
--- a/data/cisagov_M.yml
+++ b/data/cisagov_M.yml
@ -63,7 +63,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: ManageEngine
-    product: Servicedesk Plus
+    product: AD SelfService Plus
    cves:
      cve-2021-4104:
        investigated: false
@ -72,10 +72,10 @@ software:
        unaffected_versions: []
      cve-2021-44228:
        investigated: true
-        affected_versions:
+        affected_versions: []
          - '11305 and below'
        fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
          - Build 6.1 build 6114
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -86,14 +86,13 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
-    vendor_links:
+    vendor_links: []
      - https://www.manageengine.com/products/service-desk/security-response-plan.html
    notes: ''
    references:
      - ''
-    last_updated: '2021-12-15T00:00:00'
+    last_updated: '2021-12-27T00:00:00'
  - vendor: ManageEngine
-    product: AD SelfService Plus
+    product: Servicedesk Plus
    cves:
      cve-2021-4104:
        investigated: false
@ -102,10 +101,10 @@ software:
        unaffected_versions: []
      cve-2021-44228:
        investigated: true
-        affected_versions: []
+        affected_versions:
          - 11305 and below
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - 'Build 6.1 build 6114'
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -116,11 +115,12 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
-    vendor_links: []
+    vendor_links:
      - https://www.manageengine.com/products/service-desk/security-response-plan.html
    notes: ''
    references:
      - ''
-    last_updated: '2021-12-27T00:00:00'
+    last_updated: '2021-12-15T00:00:00'
  - vendor: ManageEngine Zoho
    product: ''
    cves:
@ -151,7 +151,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: ManageEngine Zoho
-    product: ADManager Plus
+    product: ADAudit Plus
    cves:
      cve-2021-4104:
        investigated: false
@ -180,7 +180,7 @@ software:
      - ''
    last_updated: '2021-12-16T00:00:00'
  - vendor: ManageEngine Zoho
-    product: ADAudit Plus
+    product: ADManager Plus
    cves:
      cve-2021-4104:
        investigated: false
@ -209,7 +209,7 @@ software:
      - ''
    last_updated: '2021-12-16T00:00:00'
  - vendor: ManageEngine Zoho
-    product: DataSecurity Plus
+    product: Analytics Plus
    cves:
      cve-2021-4104:
        investigated: false
@ -238,7 +238,7 @@ software:
      - ''
    last_updated: '2021-12-16T00:00:00'
  - vendor: ManageEngine Zoho
-    product: EventLog Analyzer
+    product: Cloud Security Plus
    cves:
      cve-2021-4104:
        investigated: false
@ -267,7 +267,7 @@ software:
      - ''
    last_updated: '2021-12-16T00:00:00'
  - vendor: ManageEngine Zoho
-    product: M365 Manager Plus
+    product: DataSecurity Plus
    cves:
      cve-2021-4104:
        investigated: false
@ -296,7 +296,7 @@ software:
      - ''
    last_updated: '2021-12-16T00:00:00'
  - vendor: ManageEngine Zoho
-    product: RecoveryManager Plus
+    product: EventLog Analyzer
    cves:
      cve-2021-4104:
        investigated: false
@ -412,7 +412,7 @@ software:
      - ''
    last_updated: '2021-12-16T00:00:00'
  - vendor: ManageEngine Zoho
-    product: Cloud Security Plus
+    product: M365 Manager Plus
    cves:
      cve-2021-4104:
        investigated: false
@ -470,7 +470,7 @@ software:
      - ''
    last_updated: '2021-12-16T00:00:00'
  - vendor: ManageEngine Zoho
-    product: Analytics Plus
+    product: RecoveryManager Plus
    cves:
      cve-2021-4104:
        investigated: false
@ -569,7 +569,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 'All'
+          - All
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -598,7 +598,7 @@ software:
        investigated: true
        affected_versions: []
        fixed_versions:
-          - '1.59.10+'
+          - 1.59.10+
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
@ -927,7 +927,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: McAfee
-    product: ePolicy Orchestrator Application Server (ePO)
+    product: Enterprise Security Manager (ESM)
    cves:
      cve-2021-4104:
        investigated: false
@ -938,7 +938,7 @@ software:
        investigated: true
        affected_versions: []
        fixed_versions:
-          - '5.10 CU11'
+          - 11.5.3
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
@ -985,7 +985,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: McAfee
-    product: Host Intrusion Prevention (Host IPS)
+    product: ePolicy Orchestrator Application Server (ePO)
    cves:
      cve-2021-4104:
        investigated: false
@ -993,9 +993,10 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
        affected_versions: []
-        fixed_versions: []
+        fixed_versions:
          - 5.10 CU11
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
@ -1007,13 +1008,14 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
-    vendor_links: []
+    vendor_links:
      - https://kc.mcafee.com/agent/index?page=content&id=SB10377
    notes: ''
    references:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: McAfee
-    product: Management of Native Encryption (MNE)
+    product: Host Intrusion Prevention (Host IPS)
    cves:
      cve-2021-4104:
        investigated: false
@ -1041,7 +1043,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: McAfee
-    product: McAfee Active Response (MAR)
+    product: Management of Native Encryption (MNE)
    cves:
      cve-2021-4104:
        investigated: false
@ -1069,7 +1071,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: McAfee
-    product: McAfee Agent (MA)
+    product: McAfee Active Response (MAR)
    cves:
      cve-2021-4104:
        investigated: false
@ -1097,7 +1099,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: McAfee
-    product: McAfee Application and Change Control (MACC) for Linux
+    product: McAfee Agent (MA)
    cves:
      cve-2021-4104:
        investigated: false
@ -1125,7 +1127,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: McAfee
-    product: McAfee Application and Change Control (MACC) for Windows
+    product: McAfee Application and Change Control (MACC) for Linux
    cves:
      cve-2021-4104:
        investigated: false
@ -1153,7 +1155,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: McAfee
-    product: McAfee Client Proxy (MCP) for Mac
+    product: McAfee Application and Change Control (MACC) for Windows
    cves:
      cve-2021-4104:
        investigated: false
@ -1181,7 +1183,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: McAfee
-    product: McAfee Client Proxy (MCP) for Windows
+    product: McAfee Client Proxy (MCP) for Mac
    cves:
      cve-2021-4104:
        investigated: false
@ -1209,7 +1211,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: McAfee
-    product: McAfee Drive Encryption (MDE)
+    product: McAfee Client Proxy (MCP) for Windows
    cves:
      cve-2021-4104:
        investigated: false
@ -1237,7 +1239,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: McAfee
-    product: McAfee Security for Microsoft Exchange (MSME)
+    product: McAfee Drive Encryption (MDE)
    cves:
      cve-2021-4104:
        investigated: false
@ -1265,7 +1267,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: McAfee
-    product: McAfee Security for Microsoft SharePoint (MSMS)
+    product: McAfee Security for Microsoft Exchange (MSME)
    cves:
      cve-2021-4104:
        investigated: false
@ -1321,7 +1323,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: McAfee
-    product: Enterprise Security Manager (ESM)
+    product: McAfee Security for Microsoft SharePoint (MSMS)
    cves:
      cve-2021-4104:
        investigated: false
@ -1329,10 +1331,9 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
        affected_versions: []
-        fixed_versions:
+        fixed_versions: []
          - '11.5.3'
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
@ -1344,8 +1345,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
-    vendor_links:
+    vendor_links: []
      - https://kc.mcafee.com/agent/index?page=content&id=SB10377
    notes: ''
    references:
      - ''
@ -1637,8 +1637,8 @@ software:
    references:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
-  - vendor: Microsoft
+  - vendor: Micro Focus
-    product: Azure Application Gateway
+    product: Data Protector
    cves:
      cve-2021-4104:
        investigated: false
@ -1646,9 +1646,19 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
        affected_versions: []
-        fixed_versions: []
+        fixed_versions:
          - '10.20'
          - '10.30'
          - '10.40'
          - '10.50'
          - '10.60'
          - '10.70'
          - '10.80'
          - '10.90'
          - '10.91'
          - '11.00'
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
@ -1661,11 +1671,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
+      - https://portal.microfocus.com/s/article/KM000003052
    notes: ''
    references:
-      - ''
+      - '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)'
-    last_updated: '2022-01-12T07:18:54+00:00'
+    last_updated: '2021-12-13T00:00:00'
  - vendor: Microsoft
    product: Azure API Gateway
    cves:
@ -1696,7 +1706,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: Microsoft
-    product: Azure Data lake store java
+    product: Azure Application Gateway
    cves:
      cve-2021-4104:
        investigated: false
@ -1704,9 +1714,8 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
-        affected_versions:
+        affected_versions: []
          - '< 2.3.10'
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -1720,7 +1729,7 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310
+      - https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
    notes: ''
    references:
      - ''
@ -1736,7 +1745,7 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - '< 2.3.10'
+          - < 2.3.10
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -1756,7 +1765,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: Microsoft
-    product: Azure DevOps Server
+    product: Azure Data lake store java
    cves:
      cve-2021-4104:
        investigated: false
@ -1766,7 +1775,7 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - '2019.0 - 2020.1'
+          - < 2.3.10
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -1780,7 +1789,7 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511
+      - https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310
    notes: ''
    references:
      - ''
@ -1815,7 +1824,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: Microsoft
-    product: Azure Traffic Manager
+    product: Azure DevOps Server
    cves:
      cve-2021-4104:
        investigated: false
@ -1823,8 +1832,9 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
-        affected_versions: []
+        affected_versions:
          - 2019.0 - 2020.1
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -1838,13 +1848,13 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
+      - https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: Microsoft
-    product: Team Foundation Server
+    product: Azure Traffic Manager
    cves:
      cve-2021-4104:
        investigated: false
@ -1852,9 +1862,8 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
-        affected_versions:
+        affected_versions: []
          - '2018.2+'
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -1868,13 +1877,13 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511
+      - https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
-  - vendor: Microstrategy
+  - vendor: Microsoft
-    product: ''
+    product: Team Foundation Server
    cves:
      cve-2021-4104:
        investigated: false
@ -1882,8 +1891,9 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
-        affected_versions: []
+        affected_versions:
          - 2018.2+
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -1897,13 +1907,13 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://community.microstrategy.com/s/article/MicroStrategy-s-response-to-CVE-2021-44228-The-Log4j-0-Day-Vulnerability?language=en_US
+      - https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
-  - vendor: Micro Focus
+  - vendor: Microstrategy
-    product: Data Protector
+    product: ''
    cves:
      cve-2021-4104:
        investigated: false
@ -1911,19 +1921,9 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
        affected_versions: []
-        fixed_versions:
+        fixed_versions: []
          - '10.20'
          - '10.30'
          - '10.40'
          - '10.50'
          - '10.60'
          - '10.70'
          - '10.80'
          - '10.90'
          - '10.91'
          - '11.00'
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
@ -1936,11 +1936,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://portal.microfocus.com/s/article/KM000003052
+      - https://community.microstrategy.com/s/article/MicroStrategy-s-response-to-CVE-2021-44228-The-Log4j-0-Day-Vulnerability?language=en_US
    notes: ''
    references:
-      - '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)'
+      - ''
-    last_updated: '2021-12-13T00:00:00'
+    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: Midori Global
    product: ''
    cves:
@ -2538,7 +2538,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 'All'
+          - All
      cve-2021-45046:
        investigated: ''
        affected_versions: []
@ -2551,7 +2551,9 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://www.moxa.com/en/support/product-support/security-advisory/moxa-s-response-regarding-the-apache-log4j-vulnerability
-    notes: Moxa is investigating to determine if any of our products are affected by this vulnerability. At the time of publication, none of Moxa's products are affected.
+    notes: Moxa is investigating to determine if any of our products are affected
      by this vulnerability. At the time of publication, none of Moxa's products are
      affected.
    references:
      - ''
    last_updated: '2022-01-19T00:00:00'
@ -2586,7 +2588,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:54+00:00'
  - vendor: Mulesoft
-    product: Mule Runtime
+    product: Anypoint Studio
    cves:
      cve-2021-4104:
        investigated: false
@ -2596,8 +2598,7 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - '3.x'
+          - 7.x
          - '4.x'
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -2618,7 +2619,7 @@ software:
      - ''
    last_updated: '2021-12-15T00:00:00'
  - vendor: Mulesoft
-    product: Mule Agent
+    product: Cloudhub
    cves:
      cve-2021-4104:
        investigated: false
@ -2626,9 +2627,8 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
-        affected_versions:
+        affected_versions: []
          - '6.x'
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -2649,7 +2649,7 @@ software:
      - ''
    last_updated: '2021-12-15T00:00:00'
  - vendor: Mulesoft
-    product: Cloudhub
+    product: Mule Agent
    cves:
      cve-2021-4104:
        investigated: false
@ -2657,8 +2657,9 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
-        affected_versions: []
+        affected_versions:
          - 6.x
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -2679,7 +2680,7 @@ software:
      - ''
    last_updated: '2021-12-15T00:00:00'
  - vendor: Mulesoft
-    product: Anypoint Studio
+    product: Mule Runtime
    cves:
      cve-2021-4104:
        investigated: false
@ -2689,7 +2690,8 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - '7.x'
+          - 3.x
          - 4.x
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
--- a/data/cisagov_N.yml
+++ b/data/cisagov_N.yml
@ -102,9 +102,9 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - 'Vertica'
+          - Vertica
-          - 'Cloudera'
+          - Cloudera
-          - 'Logstash'
+          - Logstash
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -136,7 +136,7 @@ software:
        investigated: true
        affected_versions:
          - '>4.2'
-          - '<4..2.12'
+          - <4..2.12
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -282,7 +282,7 @@ software:
        investigated: true
        affected_versions: []
        fixed_versions:
-          - '3.0.57'
+          - 3.0.57
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
@ -312,7 +312,7 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - '<7.4.3'
+          - <7.4.3
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -374,7 +374,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - '21.04.0.5552'
+          - 21.04.0.5552
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1343,7 +1343,7 @@ software:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: Nutanix
-    product: Leap
+    product: LCM
    cves:
      cve-2021-4104:
        investigated: false
@ -1351,10 +1351,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
        affected_versions: []
        fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
          - All
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1367,12 +1368,12 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
-    notes: Saas-Based Procuct.  See Advisory.
+    notes: ''
    references:
      - ''
    last_updated: '2021-12-20T00:00:00'
  - vendor: Nutanix
-    product: LCM
+    product: Leap
    cves:
      cve-2021-4104:
        investigated: false
@ -1380,11 +1381,10 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1397,7 +1397,7 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
-    notes: ''
+    notes: Saas-Based Procuct.  See Advisory.
    references:
      - ''
    last_updated: '2021-12-20T00:00:00'
--- a/data/cisagov_O.yml
+++ b/data/cisagov_O.yml
@ -295,7 +295,7 @@ software:
      - ''
    last_updated: '2021-12-12T00:00:00'
  - vendor: Okta
-    product: Okta RADIUS Server Agent
+    product: Okta On-Prem MFA Agent
    cves:
      cve-2021-4104:
        investigated: false
@ -305,7 +305,7 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - < 2.17.0
+          - < 1.4.6
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -319,13 +319,13 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://trust.okta.com/security-advisories/okta-radius-server-agent-cve-2021-44228
+      - https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
    notes: ''
    references:
      - ''
    last_updated: '2021-12-12T00:00:00'
  - vendor: Okta
-    product: Okta Verify
+    product: Okta RADIUS Server Agent
    cves:
      cve-2021-4104:
        investigated: false
@ -333,8 +333,9 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
-        affected_versions: []
+        affected_versions:
          - < 2.17.0
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -348,13 +349,13 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://sec.okta.com/articles/2021/12/log4shell
+      - https://trust.okta.com/security-advisories/okta-radius-server-agent-cve-2021-44228
    notes: ''
    references:
      - ''
    last_updated: '2021-12-12T00:00:00'
  - vendor: Okta
-    product: Okta Workflows
+    product: Okta Verify
    cves:
      cve-2021-4104:
        investigated: false
@ -383,7 +384,7 @@ software:
      - ''
    last_updated: '2021-12-12T00:00:00'
  - vendor: Okta
-    product: Okta On-Prem MFA Agent
+    product: Okta Workflows
    cves:
      cve-2021-4104:
        investigated: false
@ -391,9 +392,8 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
-        affected_versions:
+        affected_versions: []
          - < 1.4.6
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -407,7 +407,7 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
+      - https://sec.okta.com/articles/2021/12/log4shell
    notes: ''
    references:
      - ''
@ -587,7 +587,7 @@ software:
      - ''
    last_updated: '2021-12-23T00:00:00'
  - vendor: Opto 22
-    product: GRV-EPIC-PR1, GRV-EPIC-PR2
+    product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP
    cves:
      cve-2021-4104:
        investigated: false
@ -597,9 +597,9 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - < 3.3.2
+          - < 4.3g
        fixed_versions:
-          - 3.3.2
+          - 4.3g
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
@ -618,7 +618,7 @@ software:
      - ''
    last_updated: '2022-01-13T00:00:00'
  - vendor: Opto 22
-    product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP
+    product: GROOV-AT1, GROOV-AT1-SNAP
    cves:
      cve-2021-4104:
        investigated: false
@ -649,7 +649,7 @@ software:
      - ''
    last_updated: '2022-01-13T00:00:00'
  - vendor: Opto 22
-    product: GROOV-AT1, GROOV-AT1-SNAP
+    product: GROOV-SVR-WIN, GROOV-SVR-WIN-BASE, GROOV-SVR-WIN-SNAP
    cves:
      cve-2021-4104:
        investigated: false
@ -680,7 +680,7 @@ software:
      - ''
    last_updated: '2022-01-13T00:00:00'
  - vendor: Opto 22
-    product: GROOV-SVR-WIN, GROOV-SVR-WIN-BASE, GROOV-SVR-WIN-SNAP
+    product: GRV-EPIC-PR1, GRV-EPIC-PR2
    cves:
      cve-2021-4104:
        investigated: false
@ -690,9 +690,9 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - < 4.3g
+          - < 3.3.2
        fixed_versions:
-          - 4.3g
+          - 3.3.2
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
@ -741,7 +741,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Oracle
-    product: Exadata
+    product: Enterprise Manager
    cves:
      cve-2021-4104:
        investigated: false
@ -751,7 +751,8 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - <21.3.4
+          - '13.5'
          - 13.4 & 13.3.2
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -773,7 +774,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Oracle
-    product: Enterprise Manager
+    product: Exadata
    cves:
      cve-2021-4104:
        investigated: false
@ -783,8 +784,7 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - '13.5'
+          - <21.3.4
          - 13.4 & 13.3.2
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
--- a/data/cisagov_Q.yml
+++ b/data/cisagov_Q.yml
@ -63,7 +63,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:55+00:00'
  - vendor: QMATIC
-    product: Orchestra Central
+    product: Appointment Booking
    cves:
      cve-2021-4104:
        investigated: false
@ -72,10 +72,10 @@ software:
        unaffected_versions: []
      cve-2021-44228:
        investigated: true
-        affected_versions: []
+        affected_versions:
          - 2.4+
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - 6.0+
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -88,7 +88,7 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
-    notes: ''
+    notes: Update to v. 2.8.2 which contains log4j 2.16
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
@ -103,7 +103,7 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - 2.4+
+          - Cloud/Managed Service
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -118,7 +118,7 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
-    notes: Update to v. 2.8.2 which contains log4j 2.16
+    notes: log4j 2.16 applied 2021-12-15
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
@ -153,7 +153,7 @@ software:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: QMATIC
-    product: Appointment Booking
+    product: Orchestra Central
    cves:
      cve-2021-4104:
        investigated: false
@ -162,10 +162,10 @@ software:
        unaffected_versions: []
      cve-2021-44228:
        investigated: true
-        affected_versions:
+        affected_versions: []
          - Cloud/Managed Service
        fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
          - 6.0+
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -178,7 +178,7 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
-    notes: log4j 2.16 applied 2021-12-15
+    notes: ''
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
--- a/data/cisagov_S.yml
+++ b/data/cisagov_S.yml
--- a/data/cisagov_T.yml
+++ b/data/cisagov_T.yml
@ -5,7 +5,7 @@ owners:
    url: https://github.com/cisagov/log4j-affected-db
 software:
  - vendor: Tableau
-    product: Tableau Server
+    product: Tableau Bridge
    cves:
      cve-2021-4104:
        investigated: false
@ -15,19 +15,19 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - 'The following versions and lower: 2021.4'
+          - 'The following versions and lower: 20214.21.1109.1748'
-          - 2021.3.4
+          - 20213.21.1112.1434
-          - 2021.2.5
+          - 20212.21.0818.1843
-          - 2021.1.8
+          - 20211.21.0617.1133
-          - 2020.4.11
+          - 20204.21.0217.1203
-          - 2020.3.14
+          - 20203.20.0913.2112
-          - 2020.2.19
+          - 20202.20.0721.1350
-          - 2020.1.22
+          - 20201.20.0614.2321
-          - 2019.4.25
+          - 20194.20.0614.2307
-          - 2019.3.26
+          - 20193.20.0614.2306
-          - 2019.2.29
+          - 20192.19.0917.1648
-          - 2019.1.29
+          - 20191.19.0402.1911
-          - 2018.3.29
+          - 20183.19.0115.1143
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -191,7 +191,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Tableau
-    product: Tableau Bridge
+    product: Tableau Server
    cves:
      cve-2021-4104:
        investigated: false
@ -201,19 +201,19 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - 'The following versions and lower: 20214.21.1109.1748'
+          - 'The following versions and lower: 2021.4'
-          - 20213.21.1112.1434
+          - 2021.3.4
-          - 20212.21.0818.1843
+          - 2021.2.5
-          - 20211.21.0617.1133
+          - 2021.1.8
-          - 20204.21.0217.1203
+          - 2020.4.11
-          - 20203.20.0913.2112
+          - 2020.3.14
-          - 20202.20.0721.1350
+          - 2020.2.19
-          - 20201.20.0614.2321
+          - 2020.1.22
-          - 20194.20.0614.2307
+          - 2019.4.25
-          - 20193.20.0614.2306
+          - 2019.3.26
-          - 20192.19.0917.1648
+          - 2019.2.29
-          - 20191.19.0402.1911
+          - 2019.1.29
-          - 20183.19.0115.1143
+          - 2018.3.29
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -557,7 +557,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:56+00:00'
  - vendor: Thales
-    product: CipherTrust Application Data Protection (CADP) – CAPI.net & Net Core
+    product: CADP/SafeNet Protect App (PA) - JCE
    cves:
      cve-2021-4104:
        investigated: false
@ -586,7 +586,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: CipherTrust Cloud Key Manager (CCKM) Embedded
+    product: CipherTrust Application Data Protection (CADP) – CAPI.net & Net Core
    cves:
      cve-2021-4104:
        investigated: false
@ -615,7 +615,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: CipherTrust Database Protection
+    product: CipherTrust Batch Data Transformation (BDT) 2.3
    cves:
      cve-2021-4104:
        investigated: false
@ -644,7 +644,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: CipherTrust Manager
+    product: CipherTrust Cloud Key Manager (CCKM) Appliance
    cves:
      cve-2021-4104:
        investigated: false
@ -673,7 +673,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: CipherTrust Transparent Encryption (CTE/VTE/CTE-U)
+    product: CipherTrust Cloud Key Manager (CCKM) Embedded
    cves:
      cve-2021-4104:
        investigated: false
@ -702,7 +702,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: CipherTrust Vaultless Tokenization (CTS, CT-VL)
+    product: CipherTrust Database Protection
    cves:
      cve-2021-4104:
        investigated: false
@ -731,7 +731,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Data Protection on Demand
+    product: CipherTrust Manager
    cves:
      cve-2021-4104:
        investigated: false
@ -760,7 +760,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Data Security Manager (DSM)
+    product: CipherTrust Transparent Encryption (CTE/VTE/CTE-U)
    cves:
      cve-2021-4104:
        investigated: false
@ -789,7 +789,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: KeySecure
+    product: CipherTrust Vaulted Tokenization (CT-V) / SafeNet Tokenization Manager
    cves:
      cve-2021-4104:
        investigated: false
@ -818,7 +818,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Luna EFT
+    product: CipherTrust Vaultless Tokenization (CTS, CT-VL)
    cves:
      cve-2021-4104:
        investigated: false
@ -847,7 +847,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Luna Network, PCIe, Luna USB HSM and backup devices
+    product: CipherTrust/SafeNet PDBCTL
    cves:
      cve-2021-4104:
        investigated: false
@ -876,7 +876,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Luna SP
+    product: Crypto Command Center (CCC)
    cves:
      cve-2021-4104:
        investigated: false
@ -905,7 +905,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: ProtectServer HSMs
+    product: Data Protection on Demand
    cves:
      cve-2021-4104:
        investigated: false
@ -934,7 +934,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: SafeNet Authentication Client
+    product: Data Security Manager (DSM)
    cves:
      cve-2021-4104:
        investigated: false
@ -963,7 +963,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: SafeNet IDPrime Virtual
+    product: KeySecure
    cves:
      cve-2021-4104:
        investigated: false
@ -992,7 +992,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: SafeNet eToken (all products)
+    product: Luna EFT
    cves:
      cve-2021-4104:
        investigated: false
@ -1021,7 +1021,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: SafeNet IDPrime(all products)
+    product: Luna Network, PCIe, Luna USB HSM and backup devices
    cves:
      cve-2021-4104:
        investigated: false
@ -1050,7 +1050,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: SafeNet LUKS
+    product: Luna SP
    cves:
      cve-2021-4104:
        investigated: false
@ -1079,7 +1079,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: SafeNet ProtectApp (PA) CAPI, .Net & Net Core
+    product: payShield Monitor
    cves:
      cve-2021-4104:
        investigated: false
@ -1108,7 +1108,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: SafeNet ProtectDB (PDB)
+    product: ProtectServer HSMs
    cves:
      cve-2021-4104:
        investigated: false
@ -1137,7 +1137,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: SafeNet ProtectV
+    product: SafeNet Authentication Client
    cves:
      cve-2021-4104:
        investigated: false
@ -1166,7 +1166,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Safenet ProtectFile and ProtectFile- Fuse
+    product: SafeNet eToken (all products)
    cves:
      cve-2021-4104:
        investigated: false
@ -1195,7 +1195,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: SafeNet Transform Utility (TU)
+    product: SafeNet IDPrime Virtual
    cves:
      cve-2021-4104:
        investigated: false
@ -1224,7 +1224,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: SafeNet Trusted Access (STA)
+    product: SafeNet IDPrime(all products)
    cves:
      cve-2021-4104:
        investigated: false
@ -1253,7 +1253,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: SafeNet PKCS#11 and TDE
+    product: SafeNet LUKS
    cves:
      cve-2021-4104:
        investigated: false
@ -1282,7 +1282,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: SafeNet SQL EKM
+    product: SafeNet PKCS#11 and TDE
    cves:
      cve-2021-4104:
        investigated: false
@ -1311,7 +1311,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: SAS on Prem (SPE/PCE)
+    product: SafeNet ProtectApp (PA) CAPI, .Net & Net Core
    cves:
      cve-2021-4104:
        investigated: false
@ -1340,7 +1340,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Sentinel EMS Enterprise OnPremise
+    product: SafeNet ProtectDB (PDB)
    cves:
      cve-2021-4104:
        investigated: false
@ -1369,7 +1369,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Sentinel ESDaaS
+    product: Safenet ProtectFile and ProtectFile- Fuse
    cves:
      cve-2021-4104:
        investigated: false
@ -1398,7 +1398,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Sentinel Up
+    product: SafeNet ProtectV
    cves:
      cve-2021-4104:
        investigated: false
@ -1427,7 +1427,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Sentinel RMS
+    product: SafeNet SQL EKM
    cves:
      cve-2021-4104:
        investigated: false
@ -1456,7 +1456,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Sentinel Connect
+    product: SafeNet Transform Utility (TU)
    cves:
      cve-2021-4104:
        investigated: false
@ -1485,7 +1485,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Sentinel Superdog, SuperPro, UltraPro, SHK
+    product: SafeNet Trusted Access (STA)
    cves:
      cve-2021-4104:
        investigated: false
@ -1514,7 +1514,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Sentinel HASP, Legacy dog, Maze, Hardlock
+    product: SafeNet Vaultless Tokenization
    cves:
      cve-2021-4104:
        investigated: false
@ -1543,7 +1543,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Sentinel Envelope
+    product: SAS on Prem (SPE/PCE)
    cves:
      cve-2021-4104:
        investigated: false
@ -1572,7 +1572,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Thales payShield 9000
+    product: Sentinel Connect
    cves:
      cve-2021-4104:
        investigated: false
@ -1601,7 +1601,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Thales payShield 10k
+    product: Sentinel EMS Enterprise aaS
    cves:
      cve-2021-4104:
        investigated: false
@ -1630,7 +1630,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Thales payShield Manager
+    product: Sentinel EMS Enterprise OnPremise
    cves:
      cve-2021-4104:
        investigated: false
@ -1659,7 +1659,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Vormetirc Key Manager (VKM)
+    product: Sentinel Envelope
    cves:
      cve-2021-4104:
        investigated: false
@ -1688,7 +1688,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Vormetric Application Encryption (VAE)
+    product: Sentinel ESDaaS
    cves:
      cve-2021-4104:
        investigated: false
@ -1717,7 +1717,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Vormetric Protection for Terradata Database  (VPTD)
+    product: Sentinel HASP, Legacy dog, Maze, Hardlock
    cves:
      cve-2021-4104:
        investigated: false
@ -1746,7 +1746,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Vormetric Tokenization Server (VTS)
+    product: Sentinel LDK EMS (LDK-EMS)
    cves:
      cve-2021-4104:
        investigated: false
@ -1775,7 +1775,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: payShield Monitor
+    product: Sentinel LDKaas (LDK-EMS)
    cves:
      cve-2021-4104:
        investigated: false
@ -1804,7 +1804,8 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: CADP/SafeNet Protect App (PA) - JCE
+    product: Sentinel Professional Services components (both Thales hosted & hosted
      on-premises by customers)
    cves:
      cve-2021-4104:
        investigated: false
@ -1833,7 +1834,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: CipherTrust Batch Data Transformation (BDT) 2.3
+    product: Sentinel RMS
    cves:
      cve-2021-4104:
        investigated: false
@ -1862,7 +1863,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: CipherTrust Cloud Key Manager (CCKM) Appliance
+    product: Sentinel SCL
    cves:
      cve-2021-4104:
        investigated: false
@ -1891,7 +1892,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: CipherTrust Vaulted Tokenization (CT-V) / SafeNet Tokenization Manager
+    product: Sentinel Superdog, SuperPro, UltraPro, SHK
    cves:
      cve-2021-4104:
        investigated: false
@ -1920,7 +1921,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: CipherTrust/SafeNet PDBCTL
+    product: Sentinel Up
    cves:
      cve-2021-4104:
        investigated: false
@ -1949,7 +1950,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Crypto Command Center (CCC)
+    product: Thales Data Platform (TDP)(DDC)
    cves:
      cve-2021-4104:
        investigated: false
@ -1978,7 +1979,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: SafeNet Vaultless Tokenization
+    product: Thales payShield 10k
    cves:
      cve-2021-4104:
        investigated: false
@ -2007,7 +2008,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Sentinel LDK EMS (LDK-EMS)
+    product: Thales payShield 9000
    cves:
      cve-2021-4104:
        investigated: false
@ -2036,7 +2037,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Sentinel LDKaas (LDK-EMS)
+    product: Thales payShield Manager
    cves:
      cve-2021-4104:
        investigated: false
@ -2065,7 +2066,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Sentinel EMS Enterprise aaS
+    product: Vormetirc Key Manager (VKM)
    cves:
      cve-2021-4104:
        investigated: false
@ -2094,8 +2095,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Sentinel Professional Services components (both Thales hosted & hosted
+    product: Vormetric Application Encryption (VAE)
      on-premises by customers)
    cves:
      cve-2021-4104:
        investigated: false
@ -2124,7 +2124,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Sentinel SCL
+    product: Vormetric Protection for Terradata Database  (VPTD)
    cves:
      cve-2021-4104:
        investigated: false
@ -2153,7 +2153,7 @@ software:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: Thales
-    product: Thales Data Platform (TDP)(DDC)
+    product: Vormetric Tokenization Server (VTS)
    cves:
      cve-2021-4104:
        investigated: false
@ -2181,8 +2181,8 @@ software:
    references:
      - ''
    last_updated: '2021-12-17T00:00:00'
-  - vendor: Thermo-Calc
+  - vendor: Thermo Fisher Scientific
-    product: Thermo-Calc
+    product: ''
    cves:
      cve-2021-4104:
        investigated: false
@ -2190,11 +2190,10 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - 2022a
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -2206,8 +2205,8 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/
+      - https://corporate.thermofisher.com/us/en/index/about/information-security/Protecting-Our-Products.html
-    notes: Use the program as normal, Install the 2022a patch when available
+    notes: ''
    references:
      - ''
    last_updated: '2021-12-22T00:00:00'
@ -2224,7 +2223,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 2021b
+          - 2022a
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -2237,7 +2236,7 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/
-    notes: Use the program as normal
+    notes: Use the program as normal, Install the 2022a patch when available
    references:
      - ''
    last_updated: '2021-12-22T00:00:00'
@ -2254,7 +2253,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 2018b to 2021a
+          - 2021b
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -2267,8 +2266,7 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/
-    notes: Use the program as normal, delete the Log4j 2 files in the program installation
+    notes: Use the program as normal
      if required, see advisory for instructions.
    references:
      - ''
    last_updated: '2021-12-22T00:00:00'
@ -2285,7 +2283,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 2018a and earlier
+          - 2018b to 2021a
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -2298,12 +2296,13 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/
-    notes: Use the program as normal
+    notes: Use the program as normal, delete the Log4j 2 files in the program installation
      if required, see advisory for instructions.
    references:
      - ''
    last_updated: '2021-12-22T00:00:00'
-  - vendor: Thermo Fisher Scientific
+  - vendor: Thermo-Calc
-    product: ''
+    product: Thermo-Calc
    cves:
      cve-2021-4104:
        investigated: false
@ -2311,10 +2310,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
        affected_versions: []
        fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
          - 2018a and earlier
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -2326,8 +2326,8 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://corporate.thermofisher.com/us/en/index/about/information-security/Protecting-Our-Products.html
+      - https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/
-    notes: ''
+    notes: Use the program as normal
    references:
      - ''
    last_updated: '2021-12-22T00:00:00'
@ -2393,7 +2393,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:56+00:00'
  - vendor: ThycoticCentrify
-    product: Secret Server
+    product: Account Lifecycle Manager
    cves:
      cve-2021-4104:
        investigated: false
@ -2423,7 +2423,7 @@ software:
      - ''
    last_updated: '2021-12-10T00:00:00'
  - vendor: ThycoticCentrify
-    product: Privilege Manager
+    product: Cloud Suite
    cves:
      cve-2021-4104:
        investigated: false
@ -2453,7 +2453,7 @@ software:
      - ''
    last_updated: '2021-12-10T00:00:00'
  - vendor: ThycoticCentrify
-    product: Account Lifecycle Manager
+    product: Connection Manager
    cves:
      cve-2021-4104:
        investigated: false
@ -2483,7 +2483,7 @@ software:
      - ''
    last_updated: '2021-12-10T00:00:00'
  - vendor: ThycoticCentrify
-    product: Privileged Behavior Analytics
+    product: DevOps Secrets Vault
    cves:
      cve-2021-4104:
        investigated: false
@ -2513,7 +2513,7 @@ software:
      - ''
    last_updated: '2021-12-10T00:00:00'
  - vendor: ThycoticCentrify
-    product: DevOps Secrets Vault
+    product: Password Reset Server
    cves:
      cve-2021-4104:
        investigated: false
@ -2543,7 +2543,7 @@ software:
      - ''
    last_updated: '2021-12-10T00:00:00'
  - vendor: ThycoticCentrify
-    product: Connection Manager
+    product: Privilege Manager
    cves:
      cve-2021-4104:
        investigated: false
@ -2573,7 +2573,7 @@ software:
      - ''
    last_updated: '2021-12-10T00:00:00'
  - vendor: ThycoticCentrify
-    product: Password Reset Server
+    product: Privileged Behavior Analytics
    cves:
      cve-2021-4104:
        investigated: false
@ -2603,7 +2603,7 @@ software:
      - ''
    last_updated: '2021-12-10T00:00:00'
  - vendor: ThycoticCentrify
-    product: Cloud Suite
+    product: Secret Server
    cves:
      cve-2021-4104:
        investigated: false
@ -2952,13 +2952,13 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://docs.niagara-community.com/bundle/TechBulletin2021/resource/Dec_13_2021_NiagaraNotExposed_Apache_log4j.pdf
-    notes: Document access requires authentication. CISA is not able to validate vulnerability status.
+    notes: Document access requires authentication. CISA is not able to validate vulnerability
      status.
    references:
      - ''
    last_updated: '2022-01-19T00:00:00'
-  - vendor: Tripp Lite
+  - vendor: Trimble
-    product: LX Platform devices (includes WEBCARDLX, WEBCARDLXMINI, SRCOOLNETLX,
+    product: eCognition
      SRCOOLNET2LX and devices with pre-installed or embedded WEBCARDLX interfaces)
    cves:
      cve-2021-4104:
        investigated: false
@ -2966,8 +2966,9 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
-        affected_versions: []
+        affected_versions:
          - 10.2.0 Build 4618
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -2980,15 +2981,14 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
-    vendor_links:
+    vendor_links: []
-      - https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf
+    notes: Remediation steps provided by Trimble
    notes: ''
    references:
      - ''
-    last_updated: '2022-01-04T00:00:00'
+    last_updated: '2021-12-23T00:00:00'
  - vendor: Tripp Lite
-    product: SNMPWEBCARD, SRCOOLNET, SRCOOLNET2 and devices with pre-installed or
+    product: LX Platform devices (includes WEBCARDLX, WEBCARDLXMINI, SRCOOLNETLX,
-      embedded SNMPWEBCARD
+      SRCOOLNET2LX and devices with pre-installed or embedded WEBCARDLX interfaces)
    cves:
      cve-2021-4104:
        investigated: false
@ -3047,7 +3047,7 @@ software:
      - ''
    last_updated: '2022-01-04T00:00:00'
  - vendor: Tripp Lite
-    product: PowerAlert Network Shutdown Agent (PANSA)
+    product: PowerAlert Network Management System (PANMS)
    cves:
      cve-2021-4104:
        investigated: false
@ -3071,13 +3071,13 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf
-    notes: Some versions of PANSA use log4j v1 which is NOT AFFECTED by the CVE-2021-44228
+    notes: Some versions of PAL use log4j v1 which is NOT AFFECTED by the CVE-2021-44228
      vulnerability.
    references:
      - ''
    last_updated: '2022-01-04T00:00:00'
  - vendor: Tripp Lite
-    product: PowerAlert Network Management System (PANMS)
+    product: PowerAlert Network Shutdown Agent (PANSA)
    cves:
      cve-2021-4104:
        investigated: false
@ -3101,13 +3101,13 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf
-    notes: Some versions of PAL use log4j v1 which is NOT AFFECTED by the CVE-2021-44228
+    notes: Some versions of PANSA use log4j v1 which is NOT AFFECTED by the CVE-2021-44228
      vulnerability.
    references:
      - ''
    last_updated: '2022-01-04T00:00:00'
  - vendor: Tripp Lite
-    product: TLNETCARD and associated software
+    product: PowerAlertElement Manager (PAEM)
    cves:
      cve-2021-4104:
        investigated: false
@ -3115,8 +3115,9 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
-        affected_versions: []
+        affected_versions:
          - 1.0.0
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -3131,12 +3132,14 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf
-    notes: ''
+    notes: Tripp Lite will soon be issuing a patch in the form of PAEM 1.0.1 which
      will contain a patched version of Log4j2
    references:
      - ''
    last_updated: '2022-01-04T00:00:00'
  - vendor: Tripp Lite
-    product: PowerAlertElement Manager (PAEM)
+    product: SNMPWEBCARD, SRCOOLNET, SRCOOLNET2 and devices with pre-installed or
      embedded SNMPWEBCARD
    cves:
      cve-2021-4104:
        investigated: false
@ -3144,9 +3147,8 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
-        affected_versions:
+        affected_versions: []
          - 1.0.0
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -3161,13 +3163,12 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf
-    notes: Tripp Lite will soon be issuing a patch in the form of PAEM 1.0.1 which
+    notes: ''
      will contain a patched version of Log4j2
    references:
      - ''
    last_updated: '2022-01-04T00:00:00'
-  - vendor: Tripwire
+  - vendor: Tripp Lite
-    product: ''
+    product: TLNETCARD and associated software
    cves:
      cve-2021-4104:
        investigated: false
@ -3190,13 +3191,13 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://www.tripwire.com/log4j
+      - https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf
    notes: ''
    references:
      - ''
-    last_updated: '2022-01-12T07:18:56+00:00'
+    last_updated: '2022-01-04T00:00:00'
-  - vendor: Trimble
+  - vendor: Tripwire
-    product: eCognition
+    product: ''
    cves:
      cve-2021-4104:
        investigated: false
@ -3204,9 +3205,8 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
-        affected_versions:
+        affected_versions: []
          - 10.2.0 Build 4618
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -3219,11 +3219,12 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
-    vendor_links: []
+    vendor_links:
-    notes: Remediation steps provided by Trimble
+      - https://www.tripwire.com/log4j
    notes: ''
    references:
      - ''
-    last_updated: '2021-12-23T00:00:00'
+    last_updated: '2022-01-12T07:18:56+00:00'
  - vendor: TrueNAS
    product: ''
    cves:
--- a/data/cisagov_U.yml
+++ b/data/cisagov_U.yml
@ -94,8 +94,8 @@ software:
    references:
      - ''
    last_updated: '2022-01-12T07:18:56+00:00'
-  - vendor: Umbraco
+  - vendor: UiPath
-    product: ''
+    product: InSights
    cves:
      cve-2021-4104:
        investigated: false
@ -103,8 +103,9 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
-        affected_versions: []
+        affected_versions:
          - '20.10'
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -118,12 +119,12 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/
+      - https://www.uipath.com/legal/trust-and-security/cve-2021-44228
    notes: ''
    references:
      - ''
-    last_updated: '2022-01-12T07:18:56+00:00'
+    last_updated: '2021-12-15T00:00:00'
-  - vendor: UniFlow
+  - vendor: Umbraco
    product: ''
    cves:
      cve-2021-4104:
@ -147,12 +148,12 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://www.uniflow.global/en/security/security-and-maintenance/
+      - https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:56+00:00'
-  - vendor: Unify ATOS
+  - vendor: UniFlow
    product: ''
    cves:
      cve-2021-4104:
@ -176,12 +177,12 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://networks.unify.com/security/advisories/OBSO-2112-01.pdf
+      - https://www.uniflow.global/en/security/security-and-maintenance/
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:56+00:00'
-  - vendor: Unimus
+  - vendor: Unify ATOS
    product: ''
    cves:
      cve-2021-4104:
@ -205,13 +206,13 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://forum.unimus.net/viewtopic.php?f=7&t=1390#top
+      - https://networks.unify.com/security/advisories/OBSO-2112-01.pdf
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:56+00:00'
-  - vendor: UiPath
+  - vendor: Unimus
-    product: InSights
+    product: ''
    cves:
      cve-2021-4104:
        investigated: false
@ -219,9 +220,8 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
-        affected_versions:
+        affected_versions: []
          - '20.10'
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -235,11 +235,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
-      - https://www.uipath.com/legal/trust-and-security/cve-2021-44228
+      - https://forum.unimus.net/viewtopic.php?f=7&t=1390#top
    notes: ''
    references:
      - ''
-    last_updated: '2021-12-15T00:00:00'
+    last_updated: '2022-01-12T07:18:56+00:00'
  - vendor: USSIGNAL MSP
    product: ''
    cves:
--- a/data/cisagov_V.yml
+++ b/data/cisagov_V.yml
@ -4,35 +4,6 @@ owners:
  - name: cisagov
    url: https://github.com/cisagov/log4j-affected-db
 software:
  - vendor: VArmour
    product: ''
    cves:
      cve-2021-4104:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45105:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
      - https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:56+00:00'
  - vendor: Varian
    product: Acuity
    cves:
@ -64,7 +35,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: DITC
+    product: ARIA Connect (Cloverleaf)
    cves:
      cve-2021-4104:
        investigated: false
@ -72,11 +43,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
-        affected_versions:
+        affected_versions: []
          - All
        fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
          - All
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -94,7 +65,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: ARIA Connect (Cloverleaf)
+    product: ARIA eDOC
    cves:
      cve-2021-4104:
        investigated: false
@ -154,7 +125,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: XMediusFax for ARIA oncology information system for Medical Oncology
+    product: ARIA oncology information system for Radiation Oncology
    cves:
      cve-2021-4104:
        investigated: false
@ -162,11 +133,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
-        affected_versions:
+        affected_versions: []
          - All
        fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
          - All
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -184,7 +155,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: ARIA oncology information system for Radiation Oncology
+    product: ARIA Radiation Therapy Management System (RTM)
    cves:
      cve-2021-4104:
        investigated: false
@ -214,7 +185,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: ARIA eDOC
+    product: Bravos Console
    cves:
      cve-2021-4104:
        investigated: false
@ -244,7 +215,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: XMediusFax for ARIA oncology information system for Radiation Oncology
+    product: Clinac
    cves:
      cve-2021-4104:
        investigated: false
@ -274,37 +245,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: ARIA Radiation Therapy Management System (RTM)
+    product: Cloud Planner
    cves:
      cve-2021-4104:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
        investigated: true
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
          - All
      cve-2021-45046:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45105:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
      - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
    notes: ''
    references:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
    product: Bravos Console
    cves:
      cve-2021-4104:
        investigated: false
@ -334,7 +275,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: Clinac
+    product: DITC
    cves:
      cve-2021-4104:
        investigated: false
@ -364,7 +305,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: Cloud Planner
+    product: DoseLab
    cves:
      cve-2021-4104:
        investigated: false
@ -394,7 +335,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: DoseLab
+    product: Eclipse treatment planning software
    cves:
      cve-2021-4104:
        investigated: false
@ -424,7 +365,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: Eclipse treatment planning software
+    product: ePeerReview
    cves:
      cve-2021-4104:
        investigated: false
@ -432,11 +373,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
-        affected_versions: []
+        affected_versions:
        fixed_versions: []
        unaffected_versions:
          - All
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -454,7 +395,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: ePeerReview
+    product: Ethos
    cves:
      cve-2021-4104:
        investigated: false
@ -462,11 +403,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
-        affected_versions:
+        affected_versions: []
          - All
        fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
          - All
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -484,7 +425,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: Ethos
+    product: FullScale oncology IT solutions
    cves:
      cve-2021-4104:
        investigated: false
@ -492,11 +433,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
-        affected_versions: []
+        affected_versions:
        fixed_versions: []
        unaffected_versions:
          - All
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -514,7 +455,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: FullScale oncology IT solutions
+    product: Halcyon system
    cves:
      cve-2021-4104:
        investigated: false
@ -544,7 +485,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: Halcyon system
+    product: ICAP
    cves:
      cve-2021-4104:
        investigated: false
@ -552,11 +493,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
-        affected_versions:
+        affected_versions: []
          - All
        fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
          - All
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -694,7 +635,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: ICAP
+    product: Mobius3D platform
    cves:
      cve-2021-4104:
        investigated: false
@ -724,7 +665,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: Mobius3D platform
+    product: PaaS
    cves:
      cve-2021-4104:
        investigated: false
@ -934,7 +875,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: PaaS
+    product: TrueBeam radiotherapy system
    cves:
      cve-2021-4104:
        investigated: false
@ -964,7 +905,37 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: TrueBeam radiotherapy system
+    product: UNIQUE system
    cves:
      cve-2021-4104:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
        investigated: false
        affected_versions:
          - All
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45105:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
      - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
    notes: ''
    references:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
    product: Varian Authentication and Identity Server (VAIS)
    cves:
      cve-2021-4104:
        investigated: false
@ -994,7 +965,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: UNIQUE system
+    product: Varian Managed Services Cloud
    cves:
      cve-2021-4104:
        investigated: false
@ -1024,7 +995,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: Varian Authentication and Identity Server (VAIS)
+    product: Varian Mobile App
    cves:
      cve-2021-4104:
        investigated: false
@ -1036,7 +1007,8 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - All
+          - '2.0'
          - '2.5'
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1054,7 +1026,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: Varian Managed Services Cloud
+    product: VariSeed
    cves:
      cve-2021-4104:
        investigated: false
@ -1062,11 +1034,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
-        affected_versions:
+        affected_versions: []
          - All
        fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
          - All
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1084,7 +1056,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: Varian Mobile App
+    product: Velocity
    cves:
      cve-2021-4104:
        investigated: false
@ -1096,8 +1068,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - '2.0'
+          - All
          - '2.5'
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1115,7 +1086,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: VariSeed
+    product: VitalBeam radiotherapy system
    cves:
      cve-2021-4104:
        investigated: false
@ -1145,7 +1116,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: Velocity
+    product: Vitesse
    cves:
      cve-2021-4104:
        investigated: false
@ -1175,7 +1146,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: VitalBeam radiotherapy system
+    product: XMediusFax for ARIA oncology information system for Medical Oncology
    cves:
      cve-2021-4104:
        investigated: false
@ -1183,11 +1154,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
-        affected_versions: []
+        affected_versions:
        fixed_versions: []
        unaffected_versions:
          - All
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1205,7 +1176,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Varian
-    product: Vitesse
+    product: XMediusFax for ARIA oncology information system for Radiation Oncology
    cves:
      cve-2021-4104:
        investigated: false
@ -1213,11 +1184,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
-        affected_versions: []
+        affected_versions:
        fixed_versions: []
        unaffected_versions:
          - All
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
@ -1234,6 +1205,35 @@ software:
    references:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: VArmour
    product: ''
    cves:
      cve-2021-4104:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45105:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
      - https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
    notes: ''
    references:
      - ''
    last_updated: '2022-01-12T07:18:56+00:00'
  - vendor: Varnish Software
    product: ''
    cves:
@ -1421,7 +1421,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 'All'
+          - All
      cve-2021-45046:
        investigated: ''
        affected_versions: []
@ -1678,6 +1678,71 @@ software:
    references:
      - ''
    last_updated: '2021-12-12T00:00:00'
  - vendor: VMware
    product: vCenter Server - OVA
    cves:
      cve-2021-4104:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
        investigated: true
        affected_versions:
          - 7.x
          - 6.7.x
          - 6.5.x
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45105:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
      - https://www.vmware.com/security/advisories/VMSA-2021-0028.html
    notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
      )'
    references:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: VMware
    product: vCenter Server - Windows
    cves:
      cve-2021-4104:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
        investigated: true
        affected_versions:
          - 6.7.x
          - 6.5.x
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45105:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
      - https://www.vmware.com/security/advisories/VMSA-2021-0028.html
    notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
      )'
    references:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: VMware
    product: VMware Carbon Black Cloud Workload Appliance
    cves:
@ -2291,71 +2356,6 @@ software:
    references:
      - ''
    last_updated: '2021-12-12T00:00:00'
  - vendor: VMware
    product: vCenter Server - OVA
    cves:
      cve-2021-4104:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
        investigated: true
        affected_versions:
          - 7.x
          - 6.7.x
          - 6.5.x
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45105:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
      - https://www.vmware.com/security/advisories/VMSA-2021-0028.html
    notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
      )'
    references:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: VMware
    product: vCenter Server - Windows
    cves:
      cve-2021-4104:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
        investigated: true
        affected_versions:
          - 6.7.x
          - 6.5.x
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45105:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
      - https://www.vmware.com/security/advisories/VMSA-2021-0028.html
    notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
      )'
    references:
      - ''
    last_updated: '2021-12-17T00:00:00'
  - vendor: VMware
    product: VMware vRealize Automation
    cves:
@ -2614,7 +2614,7 @@ software:
        affected_versions: []
        fixed_versions: []
        unaffected_versions:
-          - 'All'
+          - All
      cve-2021-45046:
        investigated: ''
        affected_versions: []
--- a/data/cisagov_W.yml
+++ b/data/cisagov_W.yml
@ -151,7 +151,7 @@ software:
      - ''
    last_updated: '2022-01-12T07:18:56+00:00'
  - vendor: WIBU Systems
-    product: CodeMeter Keyring for TIA Portal
+    product: CodeMeter Cloud Lite
    cves:
      cve-2021-4104:
        investigated: false
@ -161,7 +161,7 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - 1.30 and prior
+          - 2.2 and prior
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -176,12 +176,12 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf
-    notes: Only the Password Manager is affected
+    notes: ''
    references:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: WIBU Systems
-    product: CodeMeter Cloud Lite
+    product: CodeMeter Keyring for TIA Portal
    cves:
      cve-2021-4104:
        investigated: false
@ -191,7 +191,7 @@ software:
      cve-2021-44228:
        investigated: true
        affected_versions:
-          - 2.2 and prior
+          - 1.30 and prior
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -206,7 +206,7 @@ software:
        unaffected_versions: []
    vendor_links:
      - https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf
-    notes: ''
+    notes: Only the Password Manager is affected
    references:
      - ''
    last_updated: '2021-12-22T00:00:00'
--- a/data/cisagov_X.yml
+++ b/data/cisagov_X.yml
@ -237,7 +237,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Xylem
-    product: Sensus Analytics
+    product: Configuration change complete
    cves:
      cve-2021-4104:
        investigated: false
@ -266,7 +266,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Xylem
-    product: Sensus Automation Control Configuration change complete
+    product: Sensus Analytics
    cves:
      cve-2021-4104:
        investigated: false
@ -295,7 +295,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Xylem
-    product: Sensus Cathodic Protection Mitigation in process Mitigation in process
+    product: Sensus Automation Control Configuration change complete
    cves:
      cve-2021-4104:
        investigated: false
@ -324,7 +324,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Xylem
-    product: Sensus FieldLogic LogServer
+    product: Sensus Cathodic Protection Mitigation in process Mitigation in process
    cves:
      cve-2021-4104:
        investigated: false
@ -353,7 +353,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Xylem
-    product: Sensus Lighting Control
+    product: Sensus FieldLogic LogServer
    cves:
      cve-2021-4104:
        investigated: false
@ -382,7 +382,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Xylem
-    product: Sensus NetMetrics Configuration change complete
+    product: Sensus Lighting Control
    cves:
      cve-2021-4104:
        investigated: false
@ -411,7 +411,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Xylem
-    product: Sensus RNI Saas
+    product: Sensus NetMetrics Configuration change complete
    cves:
      cve-2021-4104:
        investigated: false
@ -419,11 +419,8 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
-        affected_versions:
+        affected_versions: []
          - 4.7 through 4.10
          - 4.4 through 4.6
          - '4.2'
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -475,7 +472,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Xylem
-    product: Sensus SCS
+    product: Sensus RNI Saas
    cves:
      cve-2021-4104:
        investigated: false
@ -483,8 +480,11 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: false
+        investigated: true
-        affected_versions: []
+        affected_versions:
          - 4.7 through 4.10
          - 4.4 through 4.6
          - '4.2'
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45046:
@ -504,7 +504,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Xylem
-    product: Smart Irrigation
+    product: Sensus SCS
    cves:
      cve-2021-4104:
        investigated: false
@ -533,7 +533,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Xylem
-    product: Water Loss Management (Visenti)
+    product: Smart Irrigation
    cves:
      cve-2021-4104:
        investigated: false
@ -562,7 +562,7 @@ software:
      - ''
    last_updated: '2021-12-22T00:00:00'
  - vendor: Xylem
-    product: Configuration change complete
+    product: Water Loss Management (Visenti)
    cves:
      cve-2021-4104:
        investigated: false