1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-22 16:40:48 +00:00

Update SOFTWARE-LIST.md

Added Canon, GE Digital, GE Digital Grid, GE Healthcare, GE Gas Power, and STERIS
This commit is contained in:
inl-ics 2021-12-22 15:50:33 -07:00 committed by GitHub
parent 6c3b36e842
commit 2478d10e3a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -322,6 +322,14 @@ This list was initially populated using information from the following sources:
| C4b XPHONE | | | | | [C4b XPHONE Link](https://www.c4b.com/de/news/log4j.php) | | | |
| Camunda | | | | | [Camunda Forum Link](https://forum.camunda.org/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228/31910) | | | |
| Canary Labs | All | | Not Affected | | [Canary Labs Advisory Link](https://helpcenter.canarylabs.com/t/83hjjk0/log4j-vulnerability) | | | 12/22/2021 |
| Canon | CT Medical Imaging Products | | Not Affected | | [Canon Advisory Link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | | | 12/22/2021 |
| Canon | MR Medical Imaging Products | | Not Affected | | [Canon Advisory Link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | | | 12/22/2021 |
| Canon | UL Medical Imaging Products | | Not Affected | | [Canon Advisory Link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | | | 12/22/2021 |
| Canon | XR Medical Imaging Products | | Not Affected | | [Canon Advisory Link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | | | 12/22/2021 |
| Canon | NM Medical Imaging Products | | Not Affected | | [Canon Advisory Link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | | | 12/22/2021 |
| Canon | Vitrea Advanced 7.x | | Under Investigation | | [Canon Advisory Link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | | | 12/22/2021 |
| Canon | Infinix-i (Angio Workstation) | | Under Investigation | | [Canon Advisory Link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | | | 12/22/2021 |
| Canon | Alphenix (Angio Workstation) | | Under Investigation | | [Canon Advisory Link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | | | 12/22/2021 |
| CarbonBlack | | | | | [CarbonBlack Advisory](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | |
| Carestream | | | Not Affected | |[Carestream Advisory Link](https://www.carestream.com/en/us/services-and-support/cybersecurity-and-privacy) | | | 12/20/2021 |
| CAS genesisWorld | | | | | [CAS genesisWorld Link](https://helpdesk.cas.de/CASHelpdesk/FAQDetails.aspx?gguid=0x79F9E881EE3C46C1A71BE9EB3E480446) | | | |
@ -1101,6 +1109,14 @@ This list was initially populated using information from the following sources:
| FTAPI | | | | | [FTAPI Statement](https://www.ftapi.com/blog/kritische-sicherheitslucke-in-log4j-ftapi-reagiert/#) | | | |
| Fujitsu | | | | | [Fujitsu Statement](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | |
| FusionAuth | FusionAuth | 1.32 | Not Affected | | [log4j CVE: How it affects FusionAuth (TLDR: It doesn't) - FusionAuth](https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/) | | | |
| GE Digital | | | Unknown | | [GE Digital Advisory Link(login required)](https://digitalsupport.ge.com/communities/en_US/Alert/GE-Security-Advisories) | This advisory is available to customers only and has not been reviewed by CISA. | | 12/22/2021 |
| GE Digital Grid | | | Unknown | | [GE Digital Grid Advisory Link(login required)](https://digitalenergy.service-now.com/csm?id=kb_category&kb_category=b8bc715b879c89103f22a93e0ebb3585) | This advisory is available to customers only and has not been reviewed by CISA. | | 12/22/2021 |
| GE Gas Power | Baseline Security Center (BSC) | | Affected | | [GE Gas Power Advisory Link](https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf) | Vulnerability to be fixed by vendor provided workaround. No user actions necessary. Contact GE for details. | | 12/22/2021 |
| GE Gas Power | Baseline Security Center (BSC) 2.0 | | Affected | | [GE Gas Power Advisory Link](https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf) | Vulnerability to be fixed by vendor provided workaround. No user actions necessary. Contact GE for details | | 12/22/2021 |
| GE Gas Power | Asset Performance Management (APM) | | Affected | | [GE Gas Power Advisory Link](https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf) | GE verifying workaround. | | 12/22/2021 |
| GE Gas Power | Control Server | | Affected | | [GE Gas Power Advisory Link](https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf) | The Control Server is Affected via vCenter. There is a fix for vCenter. Please see below. GE verifying the vCenter fix as proposed by the vendor. | | 12/22/2021 |
| GE Gas Power | Tag Mapping Service | | Affected | Yes | [GE Gas Power Advisory Link](https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf) | Vulnerability fixed. No user actions necessary. Updated to log4j 2.16 | | 12/22/2021 |
| GE Healthcare | | | Unknown | | [GE Healthcare Advisory Link](https://securityupdate.gehealthcare.com) | This advisory is not available at the time of this review, due to maintence on the GE Healthcare website. | | 12/22/2021 |
| Gearset | | | | | [Gearset Statement](https://docs.gearset.com/en/articles/5806813-gearset-log4j-statement-dec-2021) | | | |
| Genesys | | | | | [Genesys Statement](https://www.genesys.com/blog/post/genesys-update-on-the-apache-log4j-vulnerability) | | | |
| GeoServer | | | | | [GeoServer Announcement](http://geoserver.org/announcements/2021/12/13/logj4-rce-statement.html) | | | |
@ -2504,6 +2520,58 @@ download | | 12/20/2021 |
| Spring | Spring Boot | | Unkown | | [https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | |
| Spring Boot | | | | | [Spring Boot Vulnerability Statement](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | |
| StarDog | | | | | [StarDog](https://community.stardog.com/t/stardog-7-8-1-available/3411) | | | |
| STERIS | Advantage | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | Advantage Plus | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | DSD Edge | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | EndoDry | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | RapidAER | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | Endora | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | Canexis 1.0 | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | ConnectoHIS | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | ScopeBuddy+ | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | DSD-201, | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | CER Optima | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | Renatron | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | ConnectAssure Technology | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | SPM® Surgical Asset Tracking Software | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | CS-iQ® Sterile Processing Workflow | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | AMSCO® 2000 SERIES WASHER DISINFECTORS | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | AMSCO® 3000 SERIES WASHER DISINFECTORS | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | AMSCO® 5000 SERIES WASHER DISINFECTORS | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | AMSCO® 7000 SERIES WASHER DISINFECTORS | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | RELIANCE® 444 WASHER DISINFECTOR | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | RELIANCE® SYNERGY WASHER DISINFECTOR | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | RELIANCE® VISION 1300 SERIES CART AND UTENSIL WASHER DISINFECTORS | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | RELIANCE® VISION MULTI- CHAMBER WASHER DISINFECTOR | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | RELIANCE® VISION SINGLE CHAMBER WASHER DISINFECTOR | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | AMSCO® 400 MEDIUM STEAM STERILIZER | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | AMSCO® 400 SMALL STEAM STERILIZERS | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | AMSCO® 600 MEDIUM STEAM STERILIZER | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | AMSCO® CENTURY® MEDIUM STEAM STERILIZER | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | AMSCO® CENTURY® SMALL STEAM STERILIZER | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | AMSCO® EAGLE® 3000 SERIES STAGE 3 STEAM STERILIZERS | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | AMSCO® EVOLUTION® FLOOR LOADER STEAM STERILIZER | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | AMSCO® EVOLUTION® MEDIUM STEAM STERILIZER | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | CELERITY™ HP INCUBATOR | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | CELERITY™ STEAM INCUBATOR | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | VERIFY™ INCUBATOR FOR ASSERT™ SELF-CONTAINED BIOLOGICAL INDICATORS | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | SYSTEM 1® endo LIQUID CHEMICAL STERILANT PROCESSING SYSTEM | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | V-PRO® 1 LOW TEMPERATURE STERILIZATION SYSTEM | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | V-PRO® 1 PLUS LOW TEMPERATURE STERILIZATION SYSTEM | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | V-PRO® MAX 2 LOW TEMPERATURE STERILIZATION SYSTEM | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | V-PRO® MAX LOW TEMPERATURE STERILIZATION SYSTEM | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | V-PRO® S2 LOW TEMPERATURE STERILIZATION SYSTEM | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | SecureCare® ProConnect® Technical Support Services | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | HexaVue™ Integration System | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | IDSS Integration System | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | Harmony iQ® Integration Systems | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | HexaVue™ | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | Connect Software | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | Harmony iQ Perspectives® Image Management System | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | Clarity Software | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | Situational Awareness for Everyone® Display (S.A.F.E.) | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | RealView® Visual Workflow Management System | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| STERIS | ReadyTracker | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
| Sterling Order IBM | | | | | [IBM Statement](https://www.ibm.com/support/pages/node/6525544) | | | |
| Storagement | | | | | [Storagement](https://www.storagement.de/index.php?action=topicofthemonth&site=log4j) | | | |
| StormShield | | | | | [StormShield Security Alert](https://www.stormshield.com/news/log4shell-security-alert-stormshield-product-response/) | | | |