mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-23 00:50:48 +00:00
Merge branch 'develop' into add-osirium
This commit is contained in:
commit
3789815ab1
1 changed files with 7 additions and 7 deletions
|
@ -212,9 +212,9 @@ This list was initially populated using information from the following sources:
|
||||||
| BioMerieux | | | Under Investigation | | [BioMerieux Advisory Link](https://www.biomerieux.com/en/cybersecurity-data-privacy) | | | 12/22/2021 |
|
| BioMerieux | | | Under Investigation | | [BioMerieux Advisory Link](https://www.biomerieux.com/en/cybersecurity-data-privacy) | | | 12/22/2021 |
|
||||||
| Bender | | | | | [Bender Link](https://www.bender.de/en/cert) | | | |
|
| Bender | | | | | [Bender Link](https://www.bender.de/en/cert) | | | |
|
||||||
| Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) | | | | | [Vendor Link](https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j) | | | |
|
| Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) | | | | | [Vendor Link](https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j) | | | |
|
||||||
| BeyondTrust | Privilege Management Cloud | Unkown | Fixed | Yes | [Security Advisory – Apache Log4j2 CVE 2021-44228 (Log4Shell)](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | 2021-12-17 |
|
| BeyondTrust | Privilege Management Cloud | Unknown | Fixed | Yes | [Security Advisory – Apache Log4j2 CVE 2021-44228 (Log4Shell)](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | 2021-12-17 |
|
||||||
| BeyondTrust | Privilege Management Reporting in BeyondInsight | 21.2 | Fixed | Yes | [Security Advisory – Apache Log4j2 CVE 2021-44228 (Log4Shell)](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | 2021-12-17 |
|
| BeyondTrust | Privilege Management Reporting in BeyondInsight | 21.2 | Fixed | Yes | [Security Advisory – Apache Log4j2 CVE 2021-44228 (Log4Shell)](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | 2021-12-17 |
|
||||||
| BeyondTrust | Secure Remote Access appliances | Unkown | Not Affected | | [Security Advisory – Apache Log4j2 CVE 2021-44228 (Log4Shell)](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | 2021-12-17 |
|
| BeyondTrust | Secure Remote Access appliances | Unknown | Not Affected | | [Security Advisory – Apache Log4j2 CVE 2021-44228 (Log4Shell)](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | 2021-12-17 |
|
||||||
| BeyondTrust Bomgar | | | | | [BeyondTrust Bomgar Link](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | | | |
|
| BeyondTrust Bomgar | | | | | [BeyondTrust Bomgar Link](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | | | |
|
||||||
| BisectHosting | | | | | [BisectHosting Link](https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html) | | | |
|
| BisectHosting | | | | | [BisectHosting Link](https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html) | | | |
|
||||||
| BitDefender | | | | | [BitDefender Advisory Link](https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability) | | | |
|
| BitDefender | | | | | [BitDefender Advisory Link](https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability) | | | |
|
||||||
|
@ -2116,9 +2116,9 @@ download | | 12/20/2021 |
|
||||||
| PortSwigger | | | | | [PortSwigger Forum](https://forum.portswigger.net/thread/are-burp-collaborator-or-burp-enterprise-vulnerable-to-log4j-dc6524e0) | | | |
|
| PortSwigger | | | | | [PortSwigger Forum](https://forum.portswigger.net/thread/are-burp-collaborator-or-burp-enterprise-vulnerable-to-log4j-dc6524e0) | | | |
|
||||||
| PostGreSQL | | | | | [PostGreSQL News](https://www.postgresql.org/about/news/postgresql-jdbc-and-the-log4j-cve-2371/) | | | |
|
| PostGreSQL | | | | | [PostGreSQL News](https://www.postgresql.org/about/news/postgresql-jdbc-and-the-log4j-cve-2371/) | | | |
|
||||||
| Postman | | | | | [Postman Support Link](https://support.postman.com/hc/en-us/articles/4415791933335-Is-Postman-impacted-by-the-Log4j-vulnerability-CVE-2021-44228-) | | | |
|
| Postman | | | | | [Postman Support Link](https://support.postman.com/hc/en-us/articles/4415791933335-Is-Postman-impacted-by-the-Log4j-vulnerability-CVE-2021-44228-) | | | |
|
||||||
| Power Admin LLC | PA File Sight | NONE | NotAffected | | [Update December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about]( https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/) | | | 12/17/2021 |
|
| Power Admin LLC | PA File Sight | NONE | Not Affected | | [Update December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about]( https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/) | | | 12/17/2021 |
|
||||||
| Power Admin LLC | PA Storage Monitor | NONE | NotAffected | | [Update December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about]( https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/) | | | 12/17/2021 |
|
| Power Admin LLC | PA Storage Monitor | NONE | Not Affected | | [Update December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about]( https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/) | | | 12/17/2021 |
|
||||||
| Power Admin LLC | PA Server Monitor | NONE | NotAffected | | [Update December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about]( https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/) | | | 12/17/2021 |
|
| Power Admin LLC | PA Server Monitor | NONE | Not Affected | | [Update December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about]( https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/) | | | 12/17/2021 |
|
||||||
| Pretix | | | | | [Pretix Blog Post](https://pretix.eu/about/de/blog/20211213-log4j/) | | | |
|
| Pretix | | | | | [Pretix Blog Post](https://pretix.eu/about/de/blog/20211213-log4j/) | | | |
|
||||||
| PrimeKey | | | | | [PrimeKey Support Link](https://support.primekey.com/news/posts/information-about-primekey-products-and-log4j-vulnerability-cve-2021-44228) | | | |
|
| PrimeKey | | | | | [PrimeKey Support Link](https://support.primekey.com/news/posts/information-about-primekey-products-and-log4j-vulnerability-cve-2021-44228) | | | |
|
||||||
| Progress / IpSwitch | | | | | [Progress / IpSwitch Link](https://www.progress.com/security) | | | |
|
| Progress / IpSwitch | | | | | [Progress / IpSwitch Link](https://www.progress.com/security) | | | |
|
||||||
|
@ -2334,7 +2334,7 @@ download | | 12/20/2021 |
|
||||||
| Server Eye | | | | | [Server Eye Blog Post](https://www.server-eye.de/blog/sicherheitsluecke-log4j-server-eye-systeme-sind-nicht-betroffen/) | | | |
|
| Server Eye | | | | | [Server Eye Blog Post](https://www.server-eye.de/blog/sicherheitsluecke-log4j-server-eye-systeme-sind-nicht-betroffen/) | | | |
|
||||||
| ServiceNow | | | | | [ServiceNow Support Link](https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959) | | | |
|
| ServiceNow | | | | | [ServiceNow Support Link](https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959) | | | |
|
||||||
| Shibboleth | | | | | [Shibboleth Announcement](http://shibboleth.net/pipermail/announce/2021-December/000253.html) | | | |
|
| Shibboleth | | | | | [Shibboleth Announcement](http://shibboleth.net/pipermail/announce/2021-December/000253.html) | | | |
|
||||||
| Shibboleth | All Products | Identity Provider>=3.0, All other software versions | NotAffected | | [Log4j CVE (non)-impact](https://shibboleth.net/pipermail/announce/2021-December/000253.html) | | | 12/10/2021 |
|
| Shibboleth | All Products | Identity Provider>=3.0, All other software versions | Not Affected | | [Log4j CVE (non)-impact](https://shibboleth.net/pipermail/announce/2021-December/000253.html) | | | 12/10/2021 |
|
||||||
| Shopify | | | | | [Shopify Community Link](https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625) | | | |
|
| Shopify | | | | | [Shopify Community Link](https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625) | | | |
|
||||||
| Siebel | | | | | [Siebel Link](https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html) | | | |
|
| Siebel | | | | | [Siebel Link](https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html) | | | |
|
||||||
| Siemens | Advantage Navigator Energy & Sustainability | All Versions <2021-12-13 | Affected | Yes | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Vulnerability CVE 2021-44228 fixed on central cloud service starting 2021-12-13; no user actions necessary. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 |
|
| Siemens | Advantage Navigator Energy & Sustainability | All Versions <2021-12-13 | Affected | Yes | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Vulnerability CVE 2021-44228 fixed on central cloud service starting 2021-12-13; no user actions necessary. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 |
|
||||||
|
@ -2520,7 +2520,7 @@ download | | 12/20/2021 |
|
||||||
| Splunk | Splunk Synthetics | Current | Affected | CVE-2021-44228: Fixed 12/10 CVE-2021-45046: Fixed 12/20 | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:25 am PT, 12/21/21 |
|
| Splunk | Splunk Synthetics | Current | Affected | CVE-2021-44228: Fixed 12/10 CVE-2021-45046: Fixed 12/20 | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:25 am PT, 12/21/21 |
|
||||||
| Splunk | Splunk UBA OVA Software | 5.0.3a, 5.0.0 | Affected | Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:25 am PT, 12/21/21 |
|
| Splunk | Splunk UBA OVA Software | 5.0.3a, 5.0.0 | Affected | Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:25 am PT, 12/21/21 |
|
||||||
| Sprecher Automation | | | | | [Sprecher Automation Security Alert](https://www.sprecher-automation.com/en/it-security/security-alerts) | | | |
|
| Sprecher Automation | | | | | [Sprecher Automation Security Alert](https://www.sprecher-automation.com/en/it-security/security-alerts) | | | |
|
||||||
| Spring | Spring Boot | | Unkown | | [https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | |
|
| Spring | Spring Boot | | Unknown | | [https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | |
|
||||||
| Spring Boot | | | | | [Spring Boot Vulnerability Statement](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | |
|
| Spring Boot | | | | | [Spring Boot Vulnerability Statement](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | |
|
||||||
| StarDog | | | | | [StarDog](https://community.stardog.com/t/stardog-7-8-1-available/3411) | | | |
|
| StarDog | | | | | [StarDog](https://community.stardog.com/t/stardog-7-8-1-available/3411) | | | |
|
||||||
| STERIS | Advantage | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
|
| STERIS | Advantage | | Not Affected | | [STERIS Advisory Link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | 12/22/2021 |
|
||||||
|
|
Loading…
Reference in a new issue