mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-22 00:20:47 +00:00
Merge branch 'develop' into master
This commit is contained in:
commit
22f140ff44
30 changed files with 25395 additions and 13489 deletions
8
.github/workflows/update_software_list.yml
vendored
8
.github/workflows/update_software_list.yml
vendored
|
@ -68,6 +68,12 @@ jobs:
|
|||
run: pip install --upgrade --requirement config/requirements.txt
|
||||
- name: Create the branch for test validation
|
||||
run: git switch --create ${{ needs.setup.outputs.testing_branch }}
|
||||
- name: Normalize individual cisagov_*.yml files
|
||||
run: |
|
||||
for file in data/cisagov_*yml; do \
|
||||
normalize-yml --cisagov-format "$file" > "$file".tmp; \
|
||||
mv --force "$file".tmp "$file"; \
|
||||
done
|
||||
- name: Update the comprehensive cisagov YAML file
|
||||
run: normalize-yml --cisagov-format data/cisagov_*.yml > data/cisagov.yml
|
||||
- name: Generate a normalized YAML file from all source YAML files
|
||||
|
@ -84,7 +90,7 @@ jobs:
|
|||
commit_user_name: ${{ needs.setup.outputs.git_user }}
|
||||
commit_user_email: ${{ needs.setup.outputs.git_email }}
|
||||
commit_author: ${{ needs.setup.outputs.git_author }}
|
||||
file_pattern: SOFTWARE-LIST.md data/cisagov.yml
|
||||
file_pattern: SOFTWARE-LIST.md data/cisagov*.yml
|
||||
merge_list_update:
|
||||
runs-on: ubuntu-latest
|
||||
needs:
|
||||
|
|
230
SOFTWARE-LIST.md
230
SOFTWARE-LIST.md
|
@ -231,10 +231,10 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| Beijer Electronics | WARP Engineering Studio | | | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||
| Bender | | | | Unknown | [link](https://www.bender.de/en/cert) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) | | | | Unknown | [link](https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| BeyondTrust Bomgar | | | | Unknown | [link](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| BeyondTrust | Privilege Management Cloud | | Unknown | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| BeyondTrust | Privilege Management Reporting in BeyondInsight | | 21.2 | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| BeyondTrust | Secure Remote Access appliances | | | Not Affected | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| BeyondTrust Bomgar | | | | Unknown | [link](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| BioMerieux | | | | Unknown | [link](https://www.biomerieux.com/en/cybersecurity-data-privacy) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||
| BisectHosting | | | | Unknown | [link](https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| BitDefender | | | | Unknown | [link](https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
|
@ -949,8 +949,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| Elastic | Kibana | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Elastic | Logstash | <6.8.21, <7.16.1 | | Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Elastic | Machine Learning | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| ElasticSearch | all products | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Elastic | Swiftype | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| ElasticSearch | all products | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Ellucian | Admin | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| Ellucian | Banner Analytics | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| Ellucian | Banner Document Management (includes Banner Document Retention) | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
|
@ -1180,6 +1180,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| GoAnywhere | MFT | < 6.8.6 | | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
|
||||
| GoAnywhere | MFT Agents | < 1.6.5 | | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
|
||||
| GoCD | | | | Unknown | [link](https://www.gocd.org/2021/12/14/log4j-vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Google | Chrome | | | Not Affected | [link](https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html) | Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-14 |
|
||||
| Google Cloud | Access Transparency | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Google Cloud | Actifio | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Actifio has identified limited exposure to the Log4j 2 vulnerability and has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com) for the full statement and to obtain the hotfix (available to Actifio customers only). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Google Cloud | AI Platform Data Labeling | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
|
@ -1309,14 +1310,12 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| Google Cloud | Virtual Private Cloud | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
||||
| Google Cloud | Web Security Scanner | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Google Cloud | Workflows | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Google | Chrome | | | Not Affected | [link](https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html) | Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-14 |
|
||||
| Gradle | Gradle | | | Unknown | [link](https://blog.gradle.org/log4j-vulnerability) | Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Gradle | Gradle Enterprise | < 2021.3.6 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Gradle | Gradle Enterprise Build Cache Node | < 10.1 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Gradle | Gradle Enterprise Test Distribution Agent | < 1.6.2 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Grafana | | | | Unknown | [link](https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Grandstream | | | | Unknown | [link](https://blog.grandstream.com/press-releases/grandstream-products-unaffected-by-log4j-vulnerability?hsLang=en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Gravitee.io | | | | Unknown | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Gravitee | Alert Engine | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
|
@ -1324,6 +1323,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Gravitee | Cockpit | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Gravitee.io | | | | Unknown | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Gravwell | | | | Unknown | [link](https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Graylog | Graylog Server | All versions >= 1.2.0 and <= 4.2.2 | | Affected | [link](https://www.graylog.org/post/graylog-update-for-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| GreenShot | | | | Unknown | [link](https://greenshot.atlassian.net/browse/BUG-2871) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
|
@ -1396,7 +1396,11 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| HOLOGIC | Unifi Workspace | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
||||
| HOLOGIC | Windows Selenia Mammography System | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
||||
| Honeywell | | | | Unknown | [link](https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| HPE/Micro Focus | Data Protector | | 9.09 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003243) | | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| HP | Teradici Cloud Access Controller | | < v113 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| HP | Teradici EMSDK | | < 1.0.6 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| HP | Teradici Management Console | | < 21.10.3 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| HP | Teradici PCoIP Connection Manager | | < 21.03.6, < 20.07.4 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| HP | Teradici PCoIP License Server | | | Unknown | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| HPE | 3PAR StoreServ Arrays | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||
| HPE | AirWave Management Platform | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||
| HPE | Alletra 6000 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||
|
@ -1508,7 +1512,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| HPE | OfficeConnect | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||
| HPE | Primera Storage | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||
| HPE | RepoServer part of OPA (on Premises aggregator) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||
| HPE | Resource Aggregator for Open Distributed Infrastructure Management | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||
| HPE | Resource Aggregator for Open Distributed Infrastructure Management | | | Not Affected | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||
| HPE | RESTful Interface Tool (iLOREST) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||
| HPE | SAT (System Admin Toolkit) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||
| HPE | Scripting Tools for Windows PowerShell (HPEiLOCmdlets) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||
|
@ -1526,11 +1530,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| HPE | Superdome Flex 280 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||
| HPE | Superdome Flex Server | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||
| HPE | UAN (User Access Node) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||
| HP | Teradici Cloud Access Controller | | < v113 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| HP | Teradici EMSDK | | < 1.0.6 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| HP | Teradici Management Console | | < 21.10.3 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| HP | Teradici PCoIP Connection Manager | | < 21.03.6, < 20.07.4 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| HP | Teradici PCoIP License Server | | | Unknown | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| HPE/Micro Focus | Data Protector | | 9.09 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003243) | | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| Huawei | | | | Unknown | [link](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Hubspot | | | | Unknown | [link](https://community.hubspot.com/t5/APIs-Integrations/Log4J-day-zero-exploit-CVE-2021-44228/td-p/541949) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| I-Net software | | | | Unknown | [link](https://faq.inetsoftware.de/t/statement-about-cve-2021-44228-log4j-vulnerability-concerning-i-net-software-products/269/3) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
|
@ -2019,6 +2019,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| Lyrasis | Fedora Repository | | | Not Affected | [link](https://groups.google.com/g/fedora-tech/c/dQMQ5jaX8Xo) | Fedora Repository is unaffiliated with Fedora Linux. Uses logback and explicitly excludes log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
|
||||
| MailStore | | | | Unknown | [link](https://www.mailstore.com/en/blog/mailstore-affected-by-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Maltego | | | | Unknown | [link](https://www.maltego.com/blog/our-response-to-log4j-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| ManageEngine | AD SelfService Plus | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 |
|
||||
| ManageEngine | Servicedesk Plus | 11305 and below | | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| ManageEngine Zoho | | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| ManageEngine Zoho | ADAudit Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||
| ManageEngine Zoho | ADManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||
|
@ -2032,8 +2034,6 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| ManageEngine Zoho | M365 Manager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||
| ManageEngine Zoho | M365 Security Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||
| ManageEngine Zoho | RecoveryManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||
| ManageEngine | AD SelfService Plus | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 |
|
||||
| ManageEngine | Servicedesk Plus | 11305 and below | | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| MariaDB | | | | Unknown | [link](https://mariadb.com/resources/blog/log4shell-and-mariadb-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| MathWorks | All MathWorks general release desktop or server products | | | Not Affected | [link](https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
|
||||
| MathWorks | MATLAB | | | Not Affected | [link](https://www.mathworks.com/content/dam/mathworks/policies/mathworks-response-to-cve-2021-44228-log4j-vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
|
||||
|
@ -2217,6 +2217,99 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| OxygenXML | Web Author | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| OxygenXML | WebHelp | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| PagerDuty | PagerDuty SaaS | | | Unknown | [link](https://support.pagerduty.com/docs/pagerduty-log4j-zero-day-vulnerability) | We currently see no evidence of compromises on our platform. Our teams continue to monitor for new developments and for impacts on sub-processors and dependent systems. PagerDuty SaaS customers do not need to take any additional action for their PagerDuty SaaS environment | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Palantir | Palantir AI Inference Platform (AIP) | | All | Fixed | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | Fully remediated as of 1.97.0. Disconnected customer instances may require manual updates. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
|
||||
| Palantir | Palantir Apollo | | | Not Affected | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact, and updates have been deployed for full remediation. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
|
||||
| Palantir | Palantir Foundry | | All | Fixed | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
|
||||
| Palantir | Palantir Gotham | | All | Fixed | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
|
||||
| Palo-Alto Networks | Bridgecrew | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Palo-Alto Networks | CloudGenix | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Palo-Alto Networks | Cortex Data Lake | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Palo-Alto Networks | Cortex XDR Agent | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Palo-Alto Networks | Cortex Xpanse | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Palo-Alto Networks | Cortex XSOAR | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Palo-Alto Networks | Expedition | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Palo-Alto Networks | GlobalProtect App | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Palo-Alto Networks | IoT Security | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Palo-Alto Networks | Okyo Grade | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Palo-Alto Networks | Palo-Alto Networks-OS for Firewall and Wildfire | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Palo-Alto Networks | Palo-Alto Networks-OS for Panorama | 9.0, 9.1, 10.0 | | Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | Upgrade Panorama to PAN-OS 10.1 to remediate this issue. This advisory will be updated when hot fixes for the affected Panorama versions are available. PAN-OS for Panorama versions 8.1, 10.1 are not affected. | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Palo-Alto Networks | Prisma Access | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Palo-Alto Networks | Prisma Cloud | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Palo-Alto Networks | Prisma Cloud Compute | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Palo-Alto Networks | SaaS Security | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Palo-Alto Networks | User-ID Agent | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Palo-Alto Networks | WildFire Appliance | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Palo-Alto Networks | WildFire Cloud | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Panopto | | | | Unknown | [link](https://support.panopto.com/s/article/Panopto-Statement-on-the-Log4j2-Zero-Day-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| PaperCut | PaperCut MF | 21.0 and later | | Affected | [link](https://www.papercut.com/support/known-issues/?id=PO-684#ng) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||
| PaperCut | PaperCut NG | 21.0 and later | | Affected | [link](https://www.papercut.com/support/known-issues/?id=PO-684#ng) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||
| Parallels | | | | Unknown | [link](https://kb.parallels.com/en/128696) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Parse.ly | | | | Unknown | [link](https://blog.parse.ly/parse-ly-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| PBXMonitor | RMM for 3CX PBX | | | Unknown | [link](https://www.pbxmonitor.net/changelog.php) | Mirror Servers were also checked to ensure Log4J was not installed or being used by any of our systems. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||
| Pega | | | | Unknown | [link](https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pentaho | | | | Unknown | [link](https://support.pentaho.com/hc/en-us/articles/4416229254541-log4j-2-zero-day-vulnerability-No-impact-to-supported-versions-of-Pentaho-) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pepperl+Fuchs | | | | Unknown | [link](https://www.pepperl-fuchs.com/global/en/29079.htm) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Percona | | | | Unknown | [link](https://www.percona.com/blog/log4jshell-vulnerability-update/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pexip | | | | Unknown | [link](https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Phenix Id | | | | Unknown | [link](https://support.phenixid.se/uncategorized/log4j-fix/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Philips | Multiple products | | | Unknown | [link](https://www.philips.com/a-w/security/security-advisories.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| PHOENIX CONTACT | Cloud Services | | | Unknown | [link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | Partly affected. Remediations are being implemented. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||
| PHOENIX CONTACT | Physical products containing firmware | | | Unknown | [link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||
| PHOENIX CONTACT | Software Products | | | Unknown | [link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||
| Ping Identity | PingAccess | 4.0 <= version <= 6.3.2 | | Affected | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Ping Identity | PingCentral | | | Unknown | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Ping Identity | PingFederate | 8.0 <= version <= 10.3.4 | | Affected | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Ping Identity | PingFederate Java Integration Kit | < 2.7.2 | | Affected | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Ping Identity | PingFederate OAuth Playground | < 4.3.1 | | Affected | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Ping Identity | PingIntelligence | | | Unknown | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Pitney Bowes | | | | Unknown | [link](https://www.pitneybowes.com/us/support/apache-log4j-vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Planmeca | | | | Unknown | [link](https://www.planmeca.com/apache-log4j-vulnerability-in-planmeca-products/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Planon Software | | | | Unknown | [link](https://my.planonsoftware.com/uk/news/log4j-impact-on-planon/) | This advisory is available for customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Platform.SH | | | | Unknown | [link](https://platform.sh/blog/2021/platformsh-protects-from-apache-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Plesk | | | | Unknown | [link](https://support.plesk.com/hc/en-us/articles/4412182812818-CVE-2021-44228-vulnerability-in-log4j-package-of-Apache) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Plex | Plex Industrial IoT | | | Unknown | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | The product has been updated to Log4j version 2.15. An additional patch is being developed to update to 2.16. No user interaction is required. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Polycom | | | | Unknown | [link](https://support.polycom.com/content/dam/polycom-support/global/documentation/plygn-21-08-poly-systems-apache.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Portainer | | | | Unknown | [link](https://www.portainer.io/blog/portainer-statement-re-log4j-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| PortSwigger | | | | Unknown | [link](https://forum.portswigger.net/thread/are-burp-collaborator-or-burp-enterprise-vulnerable-to-log4j-dc6524e0) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| PostGreSQL | | | | Unknown | [link](https://www.postgresql.org/about/news/postgresql-jdbc-and-the-log4j-cve-2371/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Postman | | | | Unknown | [link](https://support.postman.com/hc/en-us/articles/4415791933335-Is-Postman-impacted-by-the-Log4j-vulnerability-CVE-2021-44228-) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Power Admin LLC | PA File Sight | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| Power Admin LLC | PA Server Monitor | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| Power Admin LLC | PA Storage Monitor | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| Pretix | | | | Unknown | [link](https://pretix.eu/about/de/blog/20211213-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| PrimeKey | | | | Unknown | [link](https://support.primekey.com/news/posts/information-about-primekey-products-and-log4j-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Progress / IpSwitch | | | | Unknown | [link](https://www.progress.com/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| ProofPoint | | | | Unknown | [link](https://proofpointcommunities.force.com/community/s/article/Proofpoint-Statement-Regarding-CVE-2021-44228-Java-logging-package-log4j2) | This advisory is available for customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| ProSeS | | | | Unknown | [link](https://www.proses.de/en/2021/12/16/log4shell-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Prosys | | | | Unknown | [link](https://prosysopc.com/news/important-security-release/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Proxmox | | | | Unknown | [link](https://forum.proxmox.com/threads/log4j-exploit-what-to-do.101254/#post-436880) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| PRTG Paessler | | | | Unknown | [link](https://kb.paessler.com/en/topic/90213-is-prtg-affected-by-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| PTC | Axeda Platform | 6.9.2 | | Affected | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| PTC | ThingsWorx Analytics | 8.5, 9.0, 9.1, 9.2, All supported versions | | Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| PTC | ThingsWorx Platform | 8.5, 9.0, 9.1, 9.2, All supported versions | | Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| PTV Group | | | | Unknown | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pulse Secure | Ivanti Connect Secure (ICS) | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pulse Secure | Ivanti Neurons for secure Access | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pulse Secure | Ivanti Neurons for secure Access | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pulse Secure | Ivanti Neurons for ZTA | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pulse Secure | Ivanti Neurons for ZTA | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pulse Secure | Pulse Connect Secure | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pulse Secure | Pulse Desktop Client | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pulse Secure | Pulse Mobile Client | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pulse Secure | Pulse One | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pulse Secure | Pulse Policy Secure | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pulse Secure | Pulse Secure Services Director | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pulse Secure | Pulse Secure Virtual Traffic Manager | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pulse Secure | Pulse Secure Web Application Firewall | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pulse Secure | Pulse ZTA | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Puppet | | | | Unknown | [link](https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pure Storage | | | | Unknown | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22)) | This advisory is available for customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Pure Storage | Cloud Blockstore | CBS6.1.x, CBS6.2.x | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | Patch expected 12/27/2021 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Pure Storage | Flash Array | 5.3.x, 6.0.x, 6.1.x, 6.2.x | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | Patch expected 12/20/2021 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Pure Storage | FlashBlade | 3.1.x, 3.2.x, 3.3.x | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | Patch expected 12/24/2021 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Pure Storage | PortWorx | 2.8.0+ | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Pure Storage | Pure1 | | N/A | Fixed | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Pyramid Analytics | | | | Unknown | [link](https://community.pyramidanalytics.com/t/83hjjt4/log4j-security-vulnerability-pyramid) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| QF-Test | | | | Unknown | [link](https://www.qfs.de/en/blog/article/no-log4j-vulnerability-in-qf-test.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Qlik | | | | Unknown | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| QMATIC | Appointment Booking | 2.4+ | | Affected | [link](https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability) | Update to v. 2.8.2 which contains log4j 2.16 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
|
@ -2228,6 +2321,102 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| QSC Q-SYS | | | | Unknown | [link](https://qscprod.force.com/selfhelpportal/s/article/Are-Q-SYS-products-affected-by-the-Log4j-vulnerability-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| QT | | | | Unknown | [link](https://www.qt.io/blog/the-qt-company-products-not-affected-by-cve-2021-44228-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Quest Global | | | | Unknown | [link](https://support.quest.com/fr-fr/search#q=CVE-2021-44228&t=Global) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| R | R | | | Not Affected | [link](https://www.r-project.org/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| R2ediviewer | | | | Unknown | [link](https://r2ediviewer.de/DE/reload.html?Change-log_17858584.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Radware | | | | Unknown | [link](https://support.radware.com/app/answers/answer_view/a_id/1029752) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Rapid7 | AlcidekArt, kAdvisor, and kAudit | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | AppSpider Enterprise | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | AppSpider Pro | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | Insight Agent | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | InsightAppSec Scan Engine | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | InsightAppSec Scan Engine | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | InsightCloudSec/DivvyCloud | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | InsightConnect Orchestrator | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | InsightIDR Network Sensor | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | InsightIDR/InsightOps Collector & Event Sources | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | InsightOps DataHub | InsightOps DataHub <= 2.0 | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Upgrade [DataHub to version 2.0.1](https://rep.logentries.com/datahub/DataHub_2.0.1.deb) using the [following instructions](https://docs.rapid7.com/insightops/setting-up-datahub/). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | InsightOps non-Java logging libraries | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | InsightOps r7insight_java logging library | <=3.0.8 | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Upgrade [r7insight_java](https://github.com/rapid7/r7insight_java) to 3.0.9 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | InsightVM Kubernetes Monitor | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | InsightVM/Nexpose | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | InsightVM/Nexpose Console | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | InsightVM/Nexpose Engine | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | IntSights virtual appliance | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | Logentries DataHub | Linux version <= 1.2.0.820; Windows version <= 1.2.0.820 | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Linux: Install DataHub_1.2.0.822.deb using the following [instructions](https://docs.logentries.com/docs/datahub-linux). Windows: Run version 1.2.0.822 in a Docker container or as a Java command per these [instructions](https://docs.logentries.com/docs/datahub-windows). You can find more details [here](https://docs.logentries.com/docs/datahub-linux). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | Logentries le_java logging library | All versions: this is a deprecated component | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Migrate to version 3.0.9 of [r7insight_java](https://github.com/rapid7/r7insight_java) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | Metasploit Framework | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | Metasploit Pro | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Metasploit Pro ships with log4j but has specific configurations applied to it that mitigate Log4Shell. A future update will contain a fully patched version of log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | tCell Java Agent | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rapid7 | Velociraptor | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Raritan | | | | Unknown | [link](https://www.raritan.com/support) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Ravelin | | | | Unknown | [link](https://syslog.ravelin.com/log4shell-cve-2021-44228-4338bb8da67b) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Real-Time Innovations (RTI) | Distributed Logger | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||
| Real-Time Innovations (RTI) | Recording Console | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||
| Real-Time Innovations (RTI) | RTI Administration Console | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||
| Real-Time Innovations (RTI) | RTI Code Generator | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||
| Real-Time Innovations (RTI) | RTI Code Generator Server | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||
| Real-Time Innovations (RTI) | RTI Micro Application Generator (MAG) | as part of RTI Connext Micro 3.0.0, 3.0.1, 3.0.2, 3.0.3 | | Affected | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||
| Real-Time Innovations (RTI) | RTI Micro Application Generator (MAG) | as part of RTI Connext Professional 6.0.0 and 6.0.1 | | Affected | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||
| Real-Time Innovations (RTI) | RTI Monitor | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||
| Red Hat | log4j-core | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat | Red Hat Integration Camel K | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5130](https://access.redhat.com/errata/RHSA-2021:5130) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat | Red Hat build of Quarkus | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
||||
| Red Hat | Red Hat CodeReady Studio | | 12.21.0 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [CRS 12.21.1 Patch](https://developers.redhat.com/products/codeready-studio/download?source=sso) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat | Red Hat Data Grid | | 8 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5132](http://access.redhat.com/errata/RHSA-2021:5132) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat | Red Hat Decision Manager | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
||||
| Red Hat | Red Hat Enterprise Linux | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
||||
| Red Hat | Red Hat Enterprise Linux | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
||||
| Red Hat | Red Hat Enterprise Linux | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
||||
| Red Hat | Red Hat Integration Camel Quarkus | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5126](https://access.redhat.com/errata/RHSA-2021:5126) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat | Red Hat JBoss A-MQ Streaming | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5138](https://access.redhat.com/errata/RHSA-2021:5138) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat | Red Hat JBoss Enterprise Application Platform | | 7 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [Maven Patch](https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=7.4) - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't affected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
||||
| Red Hat | Red Hat JBoss Fuse | | 7 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5134](https://access.redhat.com/errata/RHSA-2021:5134) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat | Red Hat Process Automation | | 7 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [Maven Patch](https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=103671&product=rhpam&version=7.11.1&downloadType=patches) - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't affected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat | Red Hat Single Sign-On | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat | Red Hat Vert.X | | 4 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5093](https://access.redhat.com/errata/RHSA-2021:5093) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat | Satellite 5 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat | Spacewalk | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat OpenShift Container Platform 3.11 | openshift3/ose-logging-elasticsearch5 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5094](http://access.redhat.com/errata/RHSA-2021:5094) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat OpenShift Container Platform 4 | openshift4/ose-logging-elasticsearch6 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat OpenShift Container Platform 4 | openshift4/ose-metering-hive | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat OpenShift Container Platform 4 | openshift4/ose-metering-presto | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat OpenShift Logging | logging-elasticsearch6-container | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat OpenStack Platform 13 (Queens) | opendaylight | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | End of Life | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat Software Collections | rh-java-common-log4j | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat Software Collections | rh-maven35-log4j12 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red Hat Software Collections | rh-maven36-log4j12 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Red5Pro | | | | Unknown | [link](https://www.red5pro.com/blog/red5-marked-safe-from-log4j-and-log4j2-zero-day/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| RedGate | | | | Unknown | [link](https://www.red-gate.com/privacy-and-security/vulnerabilities/2021-12-15-log4j-statement) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Redis | | | | Unknown | [link](https://redis.com/security/notice-apache-log4j2-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Reiner SCT | | | | Unknown | [link](https://forum.reiner-sct.com/index.php?/topic/5973-timecard-und-log4j-schwachstelle/&do=findComment&comment=14933) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| ReportURI | | | | Unknown | [link](https://scotthelme.co.uk/responding-to-the-log4j-2-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| ResMed | AirView | | | Unknown | [link](https://www.resmed.com/en-us/security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| ResMed | myAir | | | Unknown | [link](https://www.resmed.com/en-us/security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Respondus | | | | Unknown | [link](https://support.respondus.com/support/index.php?/News/NewsItem/View/339) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Revenera / Flexera | | | | Unknown | [link](https://community.flexera.com/t5/Revenera-Company-News/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/ba-p/216905) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Ricoh | | | | Unknown | [link](https://www.ricoh.com/info/2021/1215_1/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| RingCentral | | | | Unknown | [link](https://www.ringcentral.com/trust-center/security-bulletin.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Riverbed | | | | Unknown | [link](https://supportkb.riverbed.com/support/index?page=content&id=S35645) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Rockwell Automation | FactoryTalk Analytics DataFlowML | 4.00.00 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rockwell Automation | FactoryTalk Analytics DataView | 3.03.00 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rockwell Automation | Industrial Data Center | | Gen 1, Gen 2, Gen 3, Gen 3.5 | Fixed | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rockwell Automation | MES EIG | 3.03.00 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | Customers should upgrade to EIG Hub if possible or work with their local representatives about alternative solutions. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rockwell Automation | VersaVirtual | | Series A | Fixed | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rockwell Automation | Warehouse Management | 4.01.00, 4.02.00, 4.02.01, 4.02.02 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Rollbar | | | | Unknown | [link](https://rollbar.com/blog/log4j-zero-day-2021-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Rosette.com | | | | Unknown | [link](https://support.rosette.com/hc/en-us/articles/4416216525965-Log4j-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| RSA | SecurID Authentication Manager | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| RSA | SecurID Authentication Manager Prime | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| RSA | SecurID Authentication Manager WebTier | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| RSA | SecurID Governance and Lifecycle | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| RSA | SecurID Governance and Lifecycle Cloud | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| RSA | SecurID Identity Router | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| RSA Netwitness | | | | Unknown | [link](https://community.rsa.com/t5/netwitness-platform-product/netwitness-apache-vulnerability-log4j2-cve-2021-44228-nbsp/ta-p/660540) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Rstudioapi | Rstudioapi | | | Not Affected | [link](https://github.com/rstudio/rstudioapi) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Rubrik | | | | Unknown | [link](https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Ruckus | Virtual SmartZone (vSZ) | 5.1 to 6.0 | | Affected | [link](https://support.ruckuswireless.com/security_bulletins/313) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
|
||||
| RunDeck by PagerDuty | | | | Unknown | [link](https://docs.rundeck.com/docs/history/CVEs/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Runecast | Runecast Analyzer | | 6.0.3 | Fixed | [link](https://www.runecast.com/release-notes) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| SAE-IT | | | | Unknown | [link](https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| SAFE FME Server | | | | Unknown | [link](https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
|
@ -2319,6 +2508,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| Shibboleth | All Products | | | Not Affected | [link](https://shibboleth.net/pipermail/announce/2021-December/000253.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
|
||||
| Shopify | | | | Unknown | [link](https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Siebel | | | | Unknown | [link](https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
|
||||
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
||||
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||
|
@ -2356,8 +2547,6 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| Siemens Healthineers | syngo.via WebViewer VA13B / VA20A / VA20B | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||
| Siemens Healthineers | X.Ceed Somaris 10 VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||
| Siemens Healthineers | X.Cite Somaris 10 VA30*/VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
|
||||
| Sierra Wireless | | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Sierra Wireless | AirVantage and Octave cloud platforms | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | These systems do not operate with the specific non-standard configuration required for CVE-2021-25046 and hence were not vulnerable to it. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
|
||||
| Sierra Wireless | AM/AMM servers | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
|
||||
|
@ -2458,8 +2647,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| Splunk | Splunk UBA OVA Software | 5.0.3a, 5.0.0 | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
|
||||
| Splunk | Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) | 1.1.1 and older | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
|
||||
| Sprecher Automation | | | | Unknown | [link](https://www.sprecher-automation.com/en/it-security/security-alerts) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Spring Boot | | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Spring | Spring Boot | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Spring Boot | | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| StarDog | | | | Unknown | [link](https://community.stardog.com/t/stardog-7-8-1-available/3411) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| STERIS | Advantage | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||
| STERIS | Advantage Plus | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||
|
@ -2750,7 +2939,14 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| Western Digital | | | | Unknown | [link](https://www.westerndigital.com/support/product-security/wdc-21016-apache-log4j-2-remote-code-execution-vulnerability-analysis) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| WIBU Systems | CodeMeter Cloud Lite | 2.2 and prior | | Affected | [link](https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||
| WIBU Systems | CodeMeter Keyring for TIA Portal | 1.30 and prior | | Affected | [link](https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf) | Only the Password Manager is affected | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||
| WindRiver | | | | Unknown | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Wind River | LTS17 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
|
||||
| Wind River | LTS18 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
|
||||
| Wind River | LTS19 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
|
||||
| Wind River | LTS21 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Wind River | WRL-6 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
|
||||
| Wind River | WRL-7 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
|
||||
| Wind River | WRL-8 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
|
||||
| Wind River | WRL-9 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
|
||||
| WireShark | | | | Unknown | [link](https://gitlab.com/wireshark/wireshark/-/issues/17783) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Wistia | | | | Unknown | [link](https://status.wistia.com/incidents/jtg0dfl5l224) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| WitFoo | | | | Unknown | [link](https://www.witfoo.com/blog/emergency-update-for-cve-2021-44228-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
|
|
|
@ -1 +1 @@
|
|||
https://github.com/cisagov/log4j-md-yml/archive/v1.1.0.tar.gz
|
||||
https://github.com/cisagov/log4j-md-yml/archive/v1.1.1.tar.gz
|
||||
|
|
7997
data/cisagov.yml
7997
data/cisagov.yml
File diff suppressed because it is too large
Load diff
1132
data/cisagov_A.yml
1132
data/cisagov_A.yml
File diff suppressed because it is too large
Load diff
|
@ -33,35 +33,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-16T00:00:00'
|
||||
- vendor: Baxter
|
||||
product: ''
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: BackBox
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -207,8 +178,8 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: BBraun
|
||||
product: Outlook® Safety Infusion System Pump family
|
||||
- vendor: Baxter
|
||||
product: ''
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -231,43 +202,13 @@ software:
|
|||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf
|
||||
- https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: BBraun
|
||||
product: Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor®
|
||||
Space® Infusion
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: BBraun
|
||||
product: Pump, SpaceStation, and Space® Wireless Battery)
|
||||
product: APEX® Compounder
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -324,6 +265,35 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: BBraun
|
||||
product: Outlook® Safety Infusion System Pump family
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: BBraun
|
||||
product: Pinnacle® Compounder
|
||||
cves:
|
||||
|
@ -354,7 +324,37 @@ software:
|
|||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: BBraun
|
||||
product: APEX® Compounder
|
||||
product: Pump, SpaceStation, and Space® Wireless Battery)
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: BBraun
|
||||
product: Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor®
|
||||
Space® Infusion
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -614,6 +614,35 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: BD
|
||||
product: BD Knowledge Portal for BD Pyxis™ Supply
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: BD
|
||||
product: BD Knowledge Portal for Infusion Technologies
|
||||
cves:
|
||||
|
@ -672,35 +701,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: BD
|
||||
product: BD Knowledge Portal for BD Pyxis™ Supply
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: BD
|
||||
product: BD Synapsys™ Informatics Solution
|
||||
cves:
|
||||
|
@ -1049,35 +1049,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: BioMerieux
|
||||
product: ''
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.biomerieux.com/en/cybersecurity-data-privacy
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Bender
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -1256,6 +1227,35 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: BioMerieux
|
||||
product: ''
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.biomerieux.com/en/cybersecurity-data-privacy
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: BisectHosting
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2590,35 +2590,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Boston Scientific
|
||||
product: ''
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: Bosch
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2648,6 +2619,35 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Boston Scientific
|
||||
product: ''
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: Box
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -4067,7 +4067,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:51+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Broadcom
|
||||
product: Symantec Protection Engine (SPE)
|
||||
cves:
|
||||
|
@ -4096,7 +4096,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:51+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Broadcom
|
||||
product: Symantec Protection for SharePoint Servers (SPSS)
|
||||
cves:
|
||||
|
@ -4125,7 +4125,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:51+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Broadcom
|
||||
product: VIP
|
||||
cves:
|
||||
|
@ -4154,7 +4154,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:51+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Broadcom
|
||||
product: VIP Authentication Hub
|
||||
cves:
|
||||
|
@ -4183,7 +4183,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:51+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Broadcom
|
||||
product: Web Isolation (WI)
|
||||
cves:
|
||||
|
@ -4212,7 +4212,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:51+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Broadcom
|
||||
product: Web Security Service (WSS)
|
||||
cves:
|
||||
|
@ -4241,7 +4241,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:51+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Broadcom
|
||||
product: WebPulse
|
||||
cves:
|
||||
|
@ -4270,5 +4270,5 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:51+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
...
|
||||
|
|
1346
data/cisagov_C.yml
1346
data/cisagov_C.yml
File diff suppressed because it is too large
Load diff
3896
data/cisagov_D.yml
3896
data/cisagov_D.yml
File diff suppressed because it is too large
Load diff
3684
data/cisagov_E.yml
3684
data/cisagov_E.yml
File diff suppressed because it is too large
Load diff
|
@ -32,7 +32,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: F-Secure
|
||||
product: Endpoint Proxy
|
||||
cves:
|
||||
|
@ -62,7 +62,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: F-Secure
|
||||
product: Messaging Security Gateway
|
||||
cves:
|
||||
|
@ -91,7 +91,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: F-Secure
|
||||
product: Policy Manager
|
||||
cves:
|
||||
|
@ -121,7 +121,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: F-Secure
|
||||
product: Policy Manager Proxy
|
||||
cves:
|
||||
|
@ -151,7 +151,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: F5
|
||||
product: BIG-IP (all modules)
|
||||
cves:
|
||||
|
@ -181,7 +181,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: F5
|
||||
product: BIG-IQ Centralized Management
|
||||
cves:
|
||||
|
@ -211,7 +211,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: F5
|
||||
product: F5OS
|
||||
cves:
|
||||
|
@ -241,7 +241,247 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: F5
|
||||
product: NGINX App Protect
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 3.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.f5.com/csp/article/K19026212
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: F5
|
||||
product: NGINX Controller
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 3.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.f5.com/csp/article/K19026212
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: F5
|
||||
product: NGINX Ingress Controller
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 1.x - 2.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.f5.com/csp/article/K19026212
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: F5
|
||||
product: NGINX Instance Manager
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 1.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.f5.com/csp/article/K19026212
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: F5
|
||||
product: NGINX Open Source
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 1.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.f5.com/csp/article/K19026212
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: F5
|
||||
product: NGINX Plus
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- R19 - R25
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.f5.com/csp/article/K19026212
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: F5
|
||||
product: NGINX Service Mesh
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 1.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.f5.com/csp/article/K19026212
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: F5
|
||||
product: NGINX Unit
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 1.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.f5.com/csp/article/K19026212
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: F5
|
||||
product: Traffix SDC
|
||||
cves:
|
||||
|
@ -273,247 +513,7 @@ software:
|
|||
Kibana), Element Management System'
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
- vendor: F5
|
||||
product: NGINX Plus
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- R19 - R25
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.f5.com/csp/article/K19026212
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
- vendor: F5
|
||||
product: NGINX Open Source
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 1.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.f5.com/csp/article/K19026212
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
- vendor: F5
|
||||
product: NGINX Unit
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 1.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.f5.com/csp/article/K19026212
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
- vendor: F5
|
||||
product: NGINX App Protect
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 3.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.f5.com/csp/article/K19026212
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
- vendor: F5
|
||||
product: NGINX Controller
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 3.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.f5.com/csp/article/K19026212
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
- vendor: F5
|
||||
product: NGINX Ingress Controller
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 1.x - 2.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.f5.com/csp/article/K19026212
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
- vendor: F5
|
||||
product: NGINX Instance Manager
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 1.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.f5.com/csp/article/K19026212
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
- vendor: F5
|
||||
product: NGINX Service Mesh
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 1.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.f5.com/csp/article/K19026212
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: FAST LTA
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -542,7 +542,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fastly
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -571,7 +571,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: FedEx
|
||||
product: Ship Manager Software
|
||||
cves:
|
||||
|
@ -668,7 +668,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: FileCatalyst
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -697,7 +697,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: FileCloud
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -726,7 +726,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: FileWave
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -755,7 +755,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: FINVI
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -784,7 +784,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: FireDaemon
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -813,7 +813,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fisher & Paykel Healthcare
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -871,7 +871,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Flexera
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -900,7 +900,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Forcepoint
|
||||
product: DLP Manager
|
||||
cves:
|
||||
|
@ -929,7 +929,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Forcepoint
|
||||
product: Forcepoint Cloud Security Gateway (CSG)
|
||||
cves:
|
||||
|
@ -958,7 +958,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Forcepoint
|
||||
product: Next Generation Firewall (NGFW)
|
||||
cves:
|
||||
|
@ -987,7 +987,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Forcepoint
|
||||
product: Next Generation Firewall, NGFW VPN Client, Forcepoint User ID service
|
||||
and Sidewinder
|
||||
|
@ -1017,7 +1017,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Forcepoint
|
||||
product: One Endpoint
|
||||
cves:
|
||||
|
@ -1046,7 +1046,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Forcepoint
|
||||
product: Security Manager (Web, Email and DLP)
|
||||
cves:
|
||||
|
@ -1075,7 +1075,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Forescout
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -1104,7 +1104,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: ForgeRock
|
||||
product: Autonomous Identity
|
||||
cves:
|
||||
|
@ -1133,7 +1133,7 @@ software:
|
|||
notes: all other ForgeRock products Not vulnerable
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiAIOps
|
||||
cves:
|
||||
|
@ -1162,7 +1162,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiAnalyzer
|
||||
cves:
|
||||
|
@ -1191,7 +1191,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiAnalyzer Cloud
|
||||
cves:
|
||||
|
@ -1220,7 +1220,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiAP
|
||||
cves:
|
||||
|
@ -1249,7 +1249,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiAuthenticator
|
||||
cves:
|
||||
|
@ -1278,7 +1278,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiCASB
|
||||
cves:
|
||||
|
@ -1307,7 +1307,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiConvertor
|
||||
cves:
|
||||
|
@ -1336,7 +1336,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiDeceptor
|
||||
cves:
|
||||
|
@ -1365,7 +1365,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiEDR Agent
|
||||
cves:
|
||||
|
@ -1394,7 +1394,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiEDR Cloud
|
||||
cves:
|
||||
|
@ -1423,7 +1423,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiGate Cloud
|
||||
cves:
|
||||
|
@ -1452,7 +1452,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiGSLB Cloud
|
||||
cves:
|
||||
|
@ -1481,7 +1481,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiMail
|
||||
cves:
|
||||
|
@ -1510,7 +1510,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiManager
|
||||
cves:
|
||||
|
@ -1539,7 +1539,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiManager Cloud
|
||||
cves:
|
||||
|
@ -1568,7 +1568,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiNAC
|
||||
cves:
|
||||
|
@ -1597,7 +1597,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiNAC
|
||||
cves:
|
||||
|
@ -1626,7 +1626,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiOS (includes FortiGate & FortiWiFi)
|
||||
cves:
|
||||
|
@ -1655,7 +1655,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiPhish Cloud
|
||||
cves:
|
||||
|
@ -1684,7 +1684,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiPolicy
|
||||
cves:
|
||||
|
@ -1713,7 +1713,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiPortal
|
||||
cves:
|
||||
|
@ -1742,7 +1742,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiRecorder
|
||||
cves:
|
||||
|
@ -1771,7 +1771,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiSIEM
|
||||
cves:
|
||||
|
@ -1800,7 +1800,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiSOAR
|
||||
cves:
|
||||
|
@ -1829,7 +1829,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiSwicth Cloud in FortiLANCloud
|
||||
cves:
|
||||
|
@ -1858,7 +1858,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiSwitch & FortiSwitchManager
|
||||
cves:
|
||||
|
@ -1887,7 +1887,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiToken Cloud
|
||||
cves:
|
||||
|
@ -1916,7 +1916,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiVoice
|
||||
cves:
|
||||
|
@ -1945,7 +1945,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: FortiWeb Cloud
|
||||
cves:
|
||||
|
@ -1974,7 +1974,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fortinet
|
||||
product: ShieldX
|
||||
cves:
|
||||
|
@ -2003,7 +2003,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: FTAPI
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2032,7 +2032,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Fujitsu
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2061,7 +2061,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: FusionAuth
|
||||
product: FusionAuth
|
||||
cves:
|
||||
|
@ -2091,5 +2091,5 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
...
|
||||
|
|
|
@ -64,6 +64,35 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: GE Gas Power
|
||||
product: Asset Performance Management (APM)
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf
|
||||
notes: GE verifying workaround.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: GE Gas Power
|
||||
product: Baseline Security Center (BSC)
|
||||
cves:
|
||||
|
@ -124,35 +153,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: GE Gas Power
|
||||
product: Asset Performance Management (APM)
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf
|
||||
notes: GE verifying workaround.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: GE Gas Power
|
||||
product: Control Server
|
||||
cves:
|
||||
|
@ -270,7 +270,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Genesys
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -299,7 +299,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: GeoServer
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -328,7 +328,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Gerrit code review
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -357,7 +357,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: GFI
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -386,7 +386,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Ghidra
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -415,7 +415,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Gigamon
|
||||
product: Fabric Manager
|
||||
cves:
|
||||
|
@ -505,7 +505,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Globus
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -534,9 +534,9 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:52+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: GoAnywhere
|
||||
product: MFT
|
||||
product: Gateway
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -546,7 +546,7 @@ software:
|
|||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- < 6.8.6
|
||||
- < 2.8.4
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
|
@ -566,7 +566,7 @@ software:
|
|||
- ''
|
||||
last_updated: '2021-12-18T00:00:00'
|
||||
- vendor: GoAnywhere
|
||||
product: Gateway
|
||||
product: MFT
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -576,7 +576,7 @@ software:
|
|||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- < 2.8.4
|
||||
- < 6.8.6
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
|
@ -679,10 +679,73 @@ software:
|
|||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html
|
||||
notes: Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability.
|
||||
notes: Chrome Browser releases, infrastructure and admin console are not using
|
||||
versions of Log4j affected by the vulnerability.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-14'
|
||||
- vendor: Google Cloud
|
||||
product: Access Transparency
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cloud.google.com/log4j2-security-advisory
|
||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||
in CVE-2021-44228 and CVE-2021-45046.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Actifio
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cloud.google.com/log4j2-security-advisory
|
||||
notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and
|
||||
has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com)
|
||||
for the full statement and to obtain the hotfix (available to Actifio customers
|
||||
only).
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: AI Platform Data Labeling
|
||||
cves:
|
||||
|
@ -773,68 +836,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Access Transparency
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cloud.google.com/log4j2-security-advisory
|
||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||
in CVE-2021-44228 and CVE-2021-45046.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Actifio
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cloud.google.com/log4j2-security-advisory
|
||||
notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and
|
||||
has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com)
|
||||
for the full statement and to obtain the hotfix (available to Actifio customers
|
||||
only).
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Anthos
|
||||
cves:
|
||||
|
@ -988,6 +989,40 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Anthos on VMWare
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cloud.google.com/log4j2-security-advisory
|
||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||
in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check
|
||||
VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds
|
||||
to their VMware products as they become available. We also recommend customers
|
||||
review their respective applications and workloads affected by the same vulnerabilities
|
||||
and apply appropriate patches.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Anthos Premium Software
|
||||
cves:
|
||||
|
@ -1048,40 +1083,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Anthos on VMWare
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cloud.google.com/log4j2-security-advisory
|
||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||
in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check
|
||||
VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds
|
||||
to their VMware products as they become available. We also recommend customers
|
||||
review their respective applications and workloads affected by the same vulnerabilities
|
||||
and apply appropriate patches.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Apigee
|
||||
cves:
|
||||
|
@ -1792,36 +1793,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud DNS
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cloud.google.com/log4j2-security-advisory
|
||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||
in CVE-2021-44228 and CVE-2021-45046.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud Data Loss Prevention
|
||||
cves:
|
||||
|
@ -1912,6 +1883,36 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud DNS
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cloud.google.com/log4j2-security-advisory
|
||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||
in CVE-2021-44228 and CVE-2021-45046.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud Endpoints
|
||||
cves:
|
||||
|
@ -2036,7 +2037,7 @@ software:
|
|||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud Intrusion Detection System (IDS)
|
||||
product: Cloud Interconnect
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -2066,7 +2067,7 @@ software:
|
|||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud Interconnect
|
||||
product: Cloud Intrusion Detection System (IDS)
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -2185,36 +2186,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud Network Address Translation (NAT)
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cloud.google.com/log4j2-security-advisory
|
||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||
in CVE-2021-44228 and CVE-2021-45046.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud Natural Language API
|
||||
cves:
|
||||
|
@ -2245,6 +2216,36 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud Network Address Translation (NAT)
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cloud.google.com/log4j2-security-advisory
|
||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||
in CVE-2021-44228 and CVE-2021-45046.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud Profiler
|
||||
cves:
|
||||
|
@ -2372,7 +2373,7 @@ software:
|
|||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud SDK
|
||||
product: Cloud Scheduler
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -2402,37 +2403,7 @@ software:
|
|||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud SQL
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cloud.google.com/log4j2-security-advisory
|
||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||
in CVE-2021-44228 and CVE-2021-45046.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-19T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud Scheduler
|
||||
product: Cloud SDK
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -2554,6 +2525,36 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-19T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud SQL
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cloud.google.com/log4j2-security-advisory
|
||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||
in CVE-2021-44228 and CVE-2021-45046.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-19T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud Storage
|
||||
cves:
|
||||
|
@ -2704,36 +2705,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud VPN
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cloud.google.com/log4j2-security-advisory
|
||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||
in CVE-2021-44228 and CVE-2021-45046.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud Vision
|
||||
cves:
|
||||
|
@ -2794,6 +2765,36 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: Cloud VPN
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cloud.google.com/log4j2-security-advisory
|
||||
notes: Product does not use Log4j 2 and is not impacted by the issues identified
|
||||
in CVE-2021-44228 and CVE-2021-45046.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: Google Cloud
|
||||
product: CompilerWorks
|
||||
cves:
|
||||
|
@ -4656,7 +4657,7 @@ software:
|
|||
notes: Gradle Scala Compiler Plugin depends upon log4j-core but it is not used.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Gradle
|
||||
product: Gradle Enterprise
|
||||
cves:
|
||||
|
@ -4686,7 +4687,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Gradle
|
||||
product: Gradle Enterprise Build Cache Node
|
||||
cves:
|
||||
|
@ -4716,7 +4717,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Gradle
|
||||
product: Gradle Enterprise Test Distribution Agent
|
||||
cves:
|
||||
|
@ -4746,7 +4747,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Grafana
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -4775,7 +4776,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Grandstream
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -4804,7 +4805,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Gravitee
|
||||
product: Access Management
|
||||
cves:
|
||||
|
@ -4834,7 +4835,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Gravitee
|
||||
product: Access Management
|
||||
cves:
|
||||
|
@ -4864,67 +4865,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
- vendor: Gravitee
|
||||
product: API Management
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 3.10.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
- vendor: Gravitee
|
||||
product: API Management
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 3.5.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Gravitee
|
||||
product: Alert Engine
|
||||
cves:
|
||||
|
@ -4954,7 +4895,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Gravitee
|
||||
product: Alert Engine
|
||||
cves:
|
||||
|
@ -4984,7 +4925,67 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Gravitee
|
||||
product: API Management
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 3.10.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Gravitee
|
||||
product: API Management
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 3.5.x
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Gravitee
|
||||
product: Cockpit
|
||||
cves:
|
||||
|
@ -5014,7 +5015,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Gravitee.io
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -5043,7 +5044,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Gravwell
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -5072,7 +5073,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Graylog
|
||||
product: Graylog Server
|
||||
cves:
|
||||
|
@ -5102,7 +5103,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: GreenShot
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -5131,7 +5132,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: GSA
|
||||
product: Cloud.gov
|
||||
cves:
|
||||
|
@ -5189,5 +5190,5 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:53+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
...
|
||||
|
|
1482
data/cisagov_H.yml
1482
data/cisagov_H.yml
File diff suppressed because it is too large
Load diff
1618
data/cisagov_I.yml
1618
data/cisagov_I.yml
File diff suppressed because it is too large
Load diff
1856
data/cisagov_J.yml
1856
data/cisagov_J.yml
File diff suppressed because it is too large
Load diff
|
@ -32,7 +32,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: K6
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -61,7 +61,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Karakun
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -90,7 +90,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Kaseya
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -119,7 +119,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Keeper Security
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -148,7 +148,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: KEMP
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -177,7 +177,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: KEMP 2
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -206,7 +206,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Kofax
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -235,7 +235,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Konica Minolta
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -264,7 +264,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Kronos UKG
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -293,7 +293,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Kyberna
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -322,5 +322,5 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
...
|
||||
|
|
|
@ -32,7 +32,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: L3Harris Geospatial
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -61,7 +61,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Lancom Systems
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -90,7 +90,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Lansweeper
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -119,7 +119,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Laserfiche
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -148,7 +148,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: LastPass
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -177,7 +177,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: LaunchDarkly
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -206,7 +206,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Leanix
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -235,7 +235,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Leica BIOSYSTEMS
|
||||
product: Aperio AT2
|
||||
cves:
|
||||
|
@ -613,35 +613,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Leica BIOSYSTEMS
|
||||
product: BOND-ADVANCE
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.leicabiosystems.com/about/product-security/
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Leica BIOSYSTEMS
|
||||
product: BOND Controller
|
||||
cves:
|
||||
|
@ -671,64 +642,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Leica BIOSYSTEMS
|
||||
product: BOND-III
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.leicabiosystems.com/about/product-security/
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Leica BIOSYSTEMS
|
||||
product: BOND-MAX
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.leicabiosystems.com/about/product-security/
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Leica BIOSYSTEMS
|
||||
product: BOND RX
|
||||
cves:
|
||||
|
@ -787,6 +700,93 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Leica BIOSYSTEMS
|
||||
product: BOND-ADVANCE
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.leicabiosystems.com/about/product-security/
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Leica BIOSYSTEMS
|
||||
product: BOND-III
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.leicabiosystems.com/about/product-security/
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Leica BIOSYSTEMS
|
||||
product: BOND-MAX
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.leicabiosystems.com/about/product-security/
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: Leica BIOSYSTEMS
|
||||
product: CEREBRO
|
||||
cves:
|
||||
|
@ -2415,7 +2415,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Let's Encrypt
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2444,7 +2444,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: LibreNMS
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2473,7 +2473,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: LifeRay
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2502,7 +2502,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: LifeSize
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2531,7 +2531,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Lightbend
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2560,7 +2560,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Lime CRM
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2589,7 +2589,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: LIONGARD
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2618,7 +2618,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: LiquidFiles
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2647,7 +2647,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: LiveAction
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2676,7 +2676,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Loftware
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2705,7 +2705,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: LOGalyze
|
||||
product: SIEM & log analyzer tool
|
||||
cves:
|
||||
|
@ -2766,7 +2766,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: LogicMonitor
|
||||
product: LogicMonitor Platform
|
||||
cves:
|
||||
|
@ -2795,7 +2795,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: LogMeIn
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2824,7 +2824,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: LogRhythm
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2853,7 +2853,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Looker
|
||||
product: Looker
|
||||
cves:
|
||||
|
@ -2888,7 +2888,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: LucaNet
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2917,7 +2917,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Lucee
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -2946,7 +2946,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Lyrasis
|
||||
product: Fedora Repository
|
||||
cves:
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -32,7 +32,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Nagios
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -61,7 +61,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: NAKIVO
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -90,7 +90,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: National Instruments
|
||||
product: OptimalPlus
|
||||
cves:
|
||||
|
@ -102,9 +102,9 @@ software:
|
|||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- 'Vertica'
|
||||
- 'Cloudera'
|
||||
- 'Logstash'
|
||||
- Vertica
|
||||
- Cloudera
|
||||
- Logstash
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
|
@ -136,7 +136,7 @@ software:
|
|||
investigated: true
|
||||
affected_versions:
|
||||
- '>4.2'
|
||||
- '<4..2.12'
|
||||
- <4..2.12
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
|
@ -182,7 +182,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Netcup
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -211,7 +211,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: NetGate PFSense
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -240,7 +240,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Netwrix
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -269,7 +269,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: New Relic
|
||||
product: Containerized Private Minion (CPM)
|
||||
cves:
|
||||
|
@ -282,7 +282,7 @@ software:
|
|||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions:
|
||||
- '3.0.57'
|
||||
- 3.0.57
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
|
@ -312,7 +312,7 @@ software:
|
|||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- '<7.4.3'
|
||||
- <7.4.3
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
|
@ -360,7 +360,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Nextflow
|
||||
product: Nextflow
|
||||
cves:
|
||||
|
@ -374,7 +374,7 @@ software:
|
|||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- '21.04.0.5552'
|
||||
- 21.04.0.5552
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
|
@ -448,7 +448,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: NinjaRMM
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -478,7 +478,7 @@ software:
|
|||
by CISA
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Nomachine
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -507,7 +507,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: NoviFlow
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -536,7 +536,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Nulab
|
||||
product: Backlog
|
||||
cves:
|
||||
|
@ -566,7 +566,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Nulab
|
||||
product: Backlog Enterprise (On-premises)
|
||||
cves:
|
||||
|
@ -596,7 +596,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Nulab
|
||||
product: Cacoo
|
||||
cves:
|
||||
|
@ -626,7 +626,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Nulab
|
||||
product: Cacoo Enterprise (On-premises)
|
||||
cves:
|
||||
|
@ -656,7 +656,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Nulab
|
||||
product: Typetalk
|
||||
cves:
|
||||
|
@ -686,7 +686,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Nutanix
|
||||
product: AHV
|
||||
cves:
|
||||
|
@ -1342,35 +1342,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: Nutanix
|
||||
product: Leap
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
|
||||
notes: Saas-Based Procuct. See Advisory.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: Nutanix
|
||||
product: LCM
|
||||
cves:
|
||||
|
@ -1401,6 +1372,35 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: Nutanix
|
||||
product: Leap
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
|
||||
notes: Saas-Based Procuct. See Advisory.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-20T00:00:00'
|
||||
- vendor: Nutanix
|
||||
product: Mine
|
||||
cves:
|
||||
|
@ -1758,7 +1758,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: NXLog
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -1787,5 +1787,5 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
...
|
||||
|
|
|
@ -32,7 +32,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: OCLC
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -61,7 +61,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Octopus
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -90,7 +90,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Okta
|
||||
product: Advanced Server Access
|
||||
cves:
|
||||
|
@ -294,6 +294,36 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-12T00:00:00'
|
||||
- vendor: Okta
|
||||
product: Okta On-Prem MFA Agent
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- < 1.4.6
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-12T00:00:00'
|
||||
- vendor: Okta
|
||||
product: Okta RADIUS Server Agent
|
||||
cves:
|
||||
|
@ -382,36 +412,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-12T00:00:00'
|
||||
- vendor: Okta
|
||||
product: Okta On-Prem MFA Agent
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- < 1.4.6
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-12T00:00:00'
|
||||
- vendor: Onespan
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -440,7 +440,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Opengear
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -469,7 +469,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: OpenMRS TALK
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -498,7 +498,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: OpenNMS
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -527,7 +527,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: OpenSearch
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -556,7 +556,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: OpenText
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -586,37 +586,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-23T00:00:00'
|
||||
- vendor: Opto 22
|
||||
product: GRV-EPIC-PR1, GRV-EPIC-PR2
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- < 3.3.2
|
||||
fixed_versions:
|
||||
- 3.3.2
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit
|
||||
notes: The Log4j vulnerability affects all products running groov View software
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-13T00:00:00'
|
||||
- vendor: Opto 22
|
||||
product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP
|
||||
cves:
|
||||
|
@ -710,6 +679,37 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-13T00:00:00'
|
||||
- vendor: Opto 22
|
||||
product: GRV-EPIC-PR1, GRV-EPIC-PR2
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- < 3.3.2
|
||||
fixed_versions:
|
||||
- 3.3.2
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit
|
||||
notes: The Log4j vulnerability affects all products running groov View software
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-13T00:00:00'
|
||||
- vendor: Oracle
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -741,7 +741,7 @@ software:
|
|||
- ''
|
||||
last_updated: '2021-12-17T00:00:00'
|
||||
- vendor: Oracle
|
||||
product: Exadata
|
||||
product: Enterprise Manager
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -751,7 +751,8 @@ software:
|
|||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- <21.3.4
|
||||
- '13.5'
|
||||
- 13.4 & 13.3.2
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
|
@ -773,7 +774,7 @@ software:
|
|||
- ''
|
||||
last_updated: '2021-12-17T00:00:00'
|
||||
- vendor: Oracle
|
||||
product: Enterprise Manager
|
||||
product: Exadata
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -783,8 +784,7 @@ software:
|
|||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- '13.5'
|
||||
- 13.4 & 13.3.2
|
||||
- <21.3.4
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
|
@ -833,7 +833,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Osirium
|
||||
product: PAM
|
||||
cves:
|
||||
|
@ -862,7 +862,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Osirium
|
||||
product: PEM
|
||||
cves:
|
||||
|
@ -891,7 +891,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Osirium
|
||||
product: PPA
|
||||
cves:
|
||||
|
@ -920,7 +920,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: OTRS
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -949,7 +949,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: OVHCloud
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -978,7 +978,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: OwnCloud
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -1007,7 +1007,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: OxygenXML
|
||||
product: Author
|
||||
cves:
|
||||
|
|
2748
data/cisagov_P.yml
2748
data/cisagov_P.yml
File diff suppressed because it is too large
Load diff
|
@ -32,7 +32,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:55+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Qlik
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -61,37 +61,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:55+00:00'
|
||||
- vendor: QMATIC
|
||||
product: Orchestra Central
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 6.0+
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: QMATIC
|
||||
product: Appointment Booking
|
||||
cves:
|
||||
|
@ -122,6 +92,36 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: QMATIC
|
||||
product: Appointment Booking
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- Cloud/Managed Service
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
|
||||
notes: log4j 2.16 applied 2021-12-15
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: QMATIC
|
||||
product: Insights
|
||||
cves:
|
||||
|
@ -153,7 +153,7 @@ software:
|
|||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
- vendor: QMATIC
|
||||
product: Appointment Booking
|
||||
product: Orchestra Central
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -162,10 +162,10 @@ software:
|
|||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- Cloud/Managed Service
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
unaffected_versions:
|
||||
- 6.0+
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
|
@ -178,7 +178,7 @@ software:
|
|||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
|
||||
notes: log4j 2.16 applied 2021-12-15
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-21T00:00:00'
|
||||
|
@ -210,7 +210,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:55+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: QOPPA
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -239,7 +239,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:55+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: QSC Q-SYS
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -268,7 +268,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:55+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: QT
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -297,7 +297,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:55+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Quest Global
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -326,5 +326,5 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:55+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
...
|
||||
|
|
2857
data/cisagov_R.yml
2857
data/cisagov_R.yml
File diff suppressed because it is too large
Load diff
4182
data/cisagov_S.yml
4182
data/cisagov_S.yml
File diff suppressed because it is too large
Load diff
1541
data/cisagov_T.yml
1541
data/cisagov_T.yml
File diff suppressed because it is too large
Load diff
|
@ -33,7 +33,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Ubiquiti
|
||||
product: UniFi Network Controller
|
||||
cves:
|
||||
|
@ -93,123 +93,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
- vendor: Umbraco
|
||||
product: ''
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
- vendor: UniFlow
|
||||
product: ''
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.uniflow.global/en/security/security-and-maintenance/
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
- vendor: Unify ATOS
|
||||
product: ''
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://networks.unify.com/security/advisories/OBSO-2112-01.pdf
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
- vendor: Unimus
|
||||
product: ''
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://forum.unimus.net/viewtopic.php?f=7&t=1390#top
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: UiPath
|
||||
product: InSights
|
||||
cves:
|
||||
|
@ -240,6 +124,122 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-15T00:00:00'
|
||||
- vendor: Umbraco
|
||||
product: ''
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: UniFlow
|
||||
product: ''
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.uniflow.global/en/security/security-and-maintenance/
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Unify ATOS
|
||||
product: ''
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://networks.unify.com/security/advisories/OBSO-2112-01.pdf
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Unimus
|
||||
product: ''
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://forum.unimus.net/viewtopic.php?f=7&t=1390#top
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: USSIGNAL MSP
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -268,5 +268,5 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
...
|
||||
|
|
|
@ -4,35 +4,6 @@ owners:
|
|||
- name: cisagov
|
||||
url: https://github.com/cisagov/log4j-affected-db
|
||||
software:
|
||||
- vendor: VArmour
|
||||
product: ''
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
- vendor: Varian
|
||||
product: Acuity
|
||||
cves:
|
||||
|
@ -63,36 +34,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: DITC
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions:
|
||||
- All
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: ARIA Connect (Cloverleaf)
|
||||
cves:
|
||||
|
@ -123,96 +64,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: ARIA oncology information system for Medical Oncology
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: XMediusFax for ARIA oncology information system for Medical Oncology
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions:
|
||||
- All
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: ARIA oncology information system for Radiation Oncology
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: ARIA eDOC
|
||||
cves:
|
||||
|
@ -244,7 +95,7 @@ software:
|
|||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: XMediusFax for ARIA oncology information system for Radiation Oncology
|
||||
product: ARIA oncology information system for Medical Oncology
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -252,11 +103,41 @@ software:
|
|||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: ARIA oncology information system for Radiation Oncology
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
|
@ -393,6 +274,36 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: DITC
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions:
|
||||
- All
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: DoseLab
|
||||
cves:
|
||||
|
@ -573,6 +484,36 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: ICAP
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: Identify
|
||||
cves:
|
||||
|
@ -694,7 +635,7 @@ software:
|
|||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: ICAP
|
||||
product: Mobius3D platform
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -724,7 +665,7 @@ software:
|
|||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: Mobius3D platform
|
||||
product: PaaS
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -933,36 +874,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: PaaS
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: TrueBeam radiotherapy system
|
||||
cves:
|
||||
|
@ -1234,6 +1145,95 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: XMediusFax for ARIA oncology information system for Medical Oncology
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions:
|
||||
- All
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Varian
|
||||
product: XMediusFax for ARIA oncology information system for Radiation Oncology
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions:
|
||||
- All
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: VArmour
|
||||
product: ''
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Varnish Software
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -1262,7 +1262,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Varonis
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -1291,7 +1291,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Veeam
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -1320,7 +1320,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Venafi
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -1349,7 +1349,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Veritas NetBackup
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -1378,7 +1378,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Vertica
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -1421,7 +1421,7 @@ software:
|
|||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 'All'
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
|
@ -1466,7 +1466,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: VMware
|
||||
product: API Portal for VMware Tanzu
|
||||
cves:
|
||||
|
@ -1678,6 +1678,71 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-12T00:00:00'
|
||||
- vendor: VMware
|
||||
product: vCenter Server - OVA
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- 7.x
|
||||
- 6.7.x
|
||||
- 6.5.x
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
|
||||
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
|
||||
)'
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-17T00:00:00'
|
||||
- vendor: VMware
|
||||
product: vCenter Server - Windows
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- 6.7.x
|
||||
- 6.5.x
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
|
||||
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
|
||||
)'
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-17T00:00:00'
|
||||
- vendor: VMware
|
||||
product: VMware Carbon Black Cloud Workload Appliance
|
||||
cves:
|
||||
|
@ -2291,71 +2356,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-12T00:00:00'
|
||||
- vendor: VMware
|
||||
product: vCenter Server - OVA
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- 7.x
|
||||
- 6.7.x
|
||||
- 6.5.x
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
|
||||
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
|
||||
)'
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-17T00:00:00'
|
||||
- vendor: VMware
|
||||
product: vCenter Server - Windows
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- 6.7.x
|
||||
- 6.5.x
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
|
||||
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
|
||||
)'
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-17T00:00:00'
|
||||
- vendor: VMware
|
||||
product: VMware vRealize Automation
|
||||
cves:
|
||||
|
@ -2614,7 +2614,7 @@ software:
|
|||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- 'All'
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
|
|
|
@ -62,7 +62,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Wasp Barcode technologies
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -91,7 +91,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: WatchGuard
|
||||
product: Secplicity
|
||||
cves:
|
||||
|
@ -120,7 +120,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Western Digital
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -149,37 +149,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
- vendor: WIBU Systems
|
||||
product: CodeMeter Keyring for TIA Portal
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- 1.30 and prior
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf
|
||||
notes: Only the Password Manager is affected
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: WIBU Systems
|
||||
product: CodeMeter Cloud Lite
|
||||
cves:
|
||||
|
@ -210,8 +180,8 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: WindRiver
|
||||
product: ''
|
||||
- vendor: WIBU Systems
|
||||
product: CodeMeter Keyring for TIA Portal
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -219,8 +189,9 @@ software:
|
|||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- 1.30 and prior
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
|
@ -233,12 +204,285 @@ software:
|
|||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf
|
||||
notes: Only the Password Manager is affected
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Wind River
|
||||
product: LTS17
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45105:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
vendor_links:
|
||||
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-21T00:00:00'
|
||||
- vendor: Wind River
|
||||
product: LTS18
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45105:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
vendor_links:
|
||||
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-21T00:00:00'
|
||||
- vendor: Wind River
|
||||
product: LTS19
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45105:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
vendor_links:
|
||||
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-21T00:00:00'
|
||||
- vendor: Wind River
|
||||
product: LTS21
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45105:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
vendor_links:
|
||||
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Wind River
|
||||
product: WRL-6
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45105:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
vendor_links:
|
||||
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
|
||||
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
|
||||
and JMSAppender components, however, JMSAppender is deactivated in the release
|
||||
package and not affected by CVE-2021-4104 customers are advised to NOT manually
|
||||
activate the JMSAppender component.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-21T00:00:00'
|
||||
- vendor: Wind River
|
||||
product: WRL-7
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45105:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
vendor_links:
|
||||
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
|
||||
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
|
||||
and JMSAppender components, however, JMSAppender is deactivated in the release
|
||||
package and not affected by CVE-2021-4104 customers are advised to NOT manually
|
||||
activate the JMSAppender component.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-21T00:00:00'
|
||||
- vendor: Wind River
|
||||
product: WRL-8
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45105:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
vendor_links:
|
||||
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
|
||||
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
|
||||
and JMSAppender components, however, JMSAppender is deactivated in the release
|
||||
package and not affected by CVE-2021-4104 customers are advised to NOT manually
|
||||
activate the JMSAppender component.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-21T00:00:00'
|
||||
- vendor: Wind River
|
||||
product: WRL-9
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45105:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
vendor_links:
|
||||
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-21T00:00:00'
|
||||
- vendor: WireShark
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -267,7 +511,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Wistia
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -296,7 +540,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: WitFoo
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -325,7 +569,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: WordPress
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -354,7 +598,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Worksphere
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -383,7 +627,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Wowza
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -412,7 +656,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: WSO2
|
||||
product: WSO2 Enterprise Integrator
|
||||
cves:
|
||||
|
@ -442,5 +686,5 @@ software:
|
|||
notes: A temporary mitigation is available while vendor works on update
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
...
|
||||
|
|
|
@ -32,7 +32,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: XenForo
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -61,7 +61,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Xerox
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -90,7 +90,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: XPertDoc
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -119,7 +119,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: XPLG
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -148,7 +148,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: XWIKI
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -177,7 +177,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Xylem
|
||||
product: Aquatalk
|
||||
cves:
|
||||
|
@ -236,6 +236,35 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Xylem
|
||||
product: Configuration change complete
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Xylem
|
||||
product: Sensus Analytics
|
||||
cves:
|
||||
|
@ -411,7 +440,7 @@ software:
|
|||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Xylem
|
||||
product: Sensus RNI Saas
|
||||
product: Sensus RNI On Prem
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -443,7 +472,7 @@ software:
|
|||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Xylem
|
||||
product: Sensus RNI On Prem
|
||||
product: Sensus RNI Saas
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -561,35 +590,6 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Xylem
|
||||
product: Configuration change complete
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-22T00:00:00'
|
||||
- vendor: Xylem
|
||||
product: Xylem Cloud
|
||||
cves:
|
||||
|
|
|
@ -32,7 +32,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: YellowFin
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -61,7 +61,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: YOKOGAWA
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -119,5 +119,5 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
...
|
||||
|
|
|
@ -32,7 +32,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: ZAMMAD
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -61,7 +61,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Zaproxy
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -90,7 +90,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Zebra
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -119,7 +119,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Zendesk
|
||||
product: All Products
|
||||
cves:
|
||||
|
@ -180,7 +180,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Zentera Systems, Inc.
|
||||
product: CoIP Access Platform
|
||||
cves:
|
||||
|
@ -239,7 +239,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Zesty
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -268,7 +268,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Zimbra
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -297,7 +297,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Zix
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -355,7 +355,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: ZPE systems Inc
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -384,7 +384,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Zscaler
|
||||
product: See Link (Multiple Products)
|
||||
cves:
|
||||
|
@ -442,7 +442,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:56+00:00'
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Zyxel
|
||||
product: Security Firewall/Gateways
|
||||
cves:
|
||||
|
|
Loading…
Reference in a new issue