Merge pull request #457 from inl-ics/develop

Update cisagov_W.yml
2 years ago · 332c479e66
parent aa4490c061 f7ac385aeb
commit 332c479e66
1 changed files with 251 additions and 10 deletions
--- a/data/cisagov_W.yml
+++ b/data/cisagov_W.yml
@ -210,29 +210,270 @@ software:
    references:
      - ''
    last_updated: '2021-12-22T00:00:00'
-  - vendor: WindRiver
-    product: ''
+  - vendor: Wind River
+    product: WRL-6
    cves:
      cve-2021-4104:
-        investigated: false
+        investigated: true
        affected_versions: []
        fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
+          - 'All'
      cve-2021-44228:
-        investigated: false
+        investigated: true
        affected_versions: []
        fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
+          - 'All'
      cve-2021-45046:
-        investigated: false
+        investigated: true
        affected_versions: []
        fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
+          - 'All'
      cve-2021-45105:
-        investigated: false
+        investigated: true
        affected_versions: []
        fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
+          - 'All'
+    vendor_links:
+      - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
+    notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender
+      components, however, JMSAppender is deactivated in the release package and not affected by
+      CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component.
+    references:
+      - ''
+    last_updated: '2022-01-21T00:00:00'
+  - vendor: Wind River
+    product: WRL-7
+    cves:
+      cve-2021-4104:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45105:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+    vendor_links:
+      - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
+    notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender
+      components, however, JMSAppender is deactivated in the release package and not affected by
+      CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component.
+    references:
+      - ''
+    last_updated: '2022-01-21T00:00:00'
+  - vendor: Wind River
+    product: WRL-8
+    cves:
+      cve-2021-4104:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45105:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+    vendor_links:
+      - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
+    notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender
+      components, however, JMSAppender is deactivated in the release package and not affected by
+      CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component.
+    references:
+      - ''
+    last_updated: '2022-01-21T00:00:00'
+  - vendor: Wind River
+    product: WRL-9
+    cves:
+      cve-2021-4104:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45105:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+    vendor_links:
+      - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-21T00:00:00'
+  - vendor: Wind River
+    product: LTS17
+    cves:
+      cve-2021-4104:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45105:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+    vendor_links:
+      - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-21T00:00:00'
+  - vendor: Wind River
+    product: LTS18
+    cves:
+      cve-2021-4104:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45105:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+    vendor_links:
+      - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-21T00:00:00'
+  - vendor: Wind River
+    product: LTS19
+    cves:
+      cve-2021-4104:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45105:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+    vendor_links:
+      - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-21T00:00:00'
+  - vendor: Wind River
+    product: LTS21
+    cves:
+      cve-2021-4104:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45105:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
    vendor_links:
      - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
    notes: ''