r3pek
/
log4j-affected-db
mirror of https://github.com/cisagov/log4j-affected-db
1
0
Fork 0
Code Releases Activity

F5 CVE-2021-44228 and CVE-2021-45046 update

Browse Source 
Bringing data in from https://support.f5.com/csp/article/K19026212 and https://support.f5.com/csp/article/K32171392 to confirm that most products are unaffected and highlighting the vulnerability in F5 Traffix SDC.
pull/251/head
Oleg Mukhin 2 years ago committed by GitHub
parent 3ec72910ad
commit 2e3918c0e6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 1 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 13
      README.md

13
README.md
Unescape View File

@ -880,7 +880,18 @@ Apache|Camel|3.14.1.3.11.5,3.7.7|Affected|Yes|[APACHE CAMEL AND CVE-2021-44228 (
| F-Secure | Messaging Security Gateway | | Affected | Yes | [The Log4J Vulnerability (CVE-2021-44228) – which F-Secure products are affected, what it means, what steps should you take - F-Secure Community](https://community.f-secure.com/common-business-en/kb/articles/9226-the-log4j-vulnerability-cve-2021-44228-which-f-secure-products-are-affected-what-it-means-what-steps-should-you-take) | | | |
| F-Secure | Policy Manager | 13-15 | Affected | Yes | [F-Secure services Status - 0-day exploit found in the Java logging package log4j2](https://status.f-secure.com/incidents/sk8vmr0h34pd) | | | |
| F-Secure| Policy Manager Proxy | 13-15 | Affected | Yes | [F-Secure services Status - 0-day exploit found in the Java logging package log4j2](https://status.f-secure.com/incidents/sk8vmr0h34pd) | | | |
| F5 Networks | | | | | [F5 Networks Statement](https://support.f5.com/csp/article/K19026212) | | | |
| F5 | BIG-IP (all modules) | 11.x - 16.x | Not Affected | | [F5 Security Advisory](https://support.f5.com/csp/article/K19026212) | | | |
| F5 | BIG-IQ Centralized Management | 7.x-8.x | Not Affected | | [F5 Security Advisory](https://support.f5.com/csp/article/K19026212) | | | |
| F5 | F5OS | 1.x | Not Affected | | [F5 Security Advisory](https://support.f5.com/csp/article/K19026212) | | | |
| F5 | Traffix SDC | 5.x (5.2.0 CF1, 5.1.0 CF-30 - 5.1.0 CF-33)| Affected | No | [F5 Security Advisory](https://support.f5.com/csp/article/K19026212) | Vulnerable components: EMS-ELK components (Fluentd + Elastic Search + Kibana), Element Management System | | |
| F5 | NGINX Plus | R19 - R25 | Not Affected | | [F5 Security Advisory (CVE-2021-44228)](https://support.f5.com/csp/article/K19026212), [F5 Security Advisory (CVE-2021-45046)](https://support.f5.com/csp/article/K32171392) | | | |
| F5 | NGINX Open Source | 1.x | Not Affected | | [F5 Security Advisory (CVE-2021-44228)](https://support.f5.com/csp/article/K19026212), [F5 Security Advisory (CVE-2021-45046)](https://support.f5.com/csp/article/K32171392) | | | |
| F5 | NGINX Unit | 1.x | Not Affected | | [F5 Security Advisory (CVE-2021-44228)](https://support.f5.com/csp/article/K19026212), [F5 Security Advisory (CVE-2021-45046)](https://support.f5.com/csp/article/K32171392) | | | |
| F5 | NGINX App Protect | 3.x | Not Affected | | [F5 Security Advisory (CVE-2021-44228)](https://support.f5.com/csp/article/K19026212), [F5 Security Advisory (CVE-2021-45046)](https://support.f5.com/csp/article/K32171392) | | | |
| F5 | NGINX Controller | 3.x | Not Affected | | [F5 Security Advisory (CVE-2021-44228)](https://support.f5.com/csp/article/K19026212), [F5 Security Advisory (CVE-2021-45046)](https://support.f5.com/csp/article/K32171392) | | | |
| F5 | NGINX Ingress Controller | 1.x - 2.x | Not Affected | | [F5 Security Advisory (CVE-2021-44228)](https://support.f5.com/csp/article/K19026212), [F5 Security Advisory (CVE-2021-45046)](https://support.f5.com/csp/article/K32171392) | | | |
| F5 | NGINX Instance Manager | 1.x | Not Affected | | [F5 Security Advisory (CVE-2021-44228)](https://support.f5.com/csp/article/K19026212), [F5 Security Advisory (CVE-2021-45046)](https://support.f5.com/csp/article/K32171392) | | | |
| F5 | NGINX Service Mesh | 1.x | Not Affected | | [F5 Security Advisory (CVE-2021-44228)](https://support.f5.com/csp/article/K19026212), [F5 Security Advisory (CVE-2021-45046)](https://support.f5.com/csp/article/K32171392) | | | |
| FAST LTA | | | | | [FAST LTA Statement](https://blog.fast-lta.de/en/log4j2-vulnerability) | | | |
| Fastly | | | | | [Fastly Statement](https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j) | | | |
| FedEx | Ship Manager Software | Unknown | Affected/Under Investigation | | [FedEx Statement](https://www.fedex.com/en-us/shipping/ship-manager/software.html#tab-4)|Note: FedEx is aware of the issue related to the Log4j Remote Code Execution vulnerability affecting various Apache products. We are actively assessing the situation and taking necessary action as appropriate. As a result, we are temporarily unable to provide a link to download the FedEx Ship Manager software or generate product keys needed for registration of FedEx Ship Manager software. We are working to have this resolved as quickly as possible and apologize for the inconvenience. For related questions or the most updated information, customers should check FedEx Updates for Apache Log4j Issue or contact their Customer Technology representative.||12/15/2021|

Write Preview
Loading…
Cancel
Save