Merge branch 'develop' into dependabot/github_actions/lewagon/wait-on-check-action-1.1.1

pull/442/head
Nick 2 years ago committed by GitHub
commit 398415eb33
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 5
      .github/dependabot.yml
  2. 8
      .github/workflows/update_software_list.yml
  3. 12
      .mdl_config.yaml
  4. 2
      .pre-commit-config.yaml
  5. 6
      .yamllint
  6. 2817
      SOFTWARE-LIST.md
  7. 3
      config/SOFTWARE-LIST.tpl.md
  8. 2
      config/requirements.txt
  9. 71630
      data/cisagov.yml
  10. 7167
      data/cisagov_A.yml
  11. 2628
      data/cisagov_B.yml
  12. 1058
      data/cisagov_C.yml
  13. 3297
      data/cisagov_D.yml
  14. 3257
      data/cisagov_E.yml
  15. 3448
      data/cisagov_F.yml
  16. 1603
      data/cisagov_G.yml
  17. 930
      data/cisagov_H.yml
  18. 2229
      data/cisagov_I.yml
  19. 2959
      data/cisagov_J.yml
  20. 599
      data/cisagov_K.yml
  21. 94
      data/cisagov_L.yml
  22. 425
      data/cisagov_M.yml
  23. 70
      data/cisagov_N.yml
  24. 31
      data/cisagov_Non-Alphabet.yml
  25. 82
      data/cisagov_O.yml
  26. 8095
      data/cisagov_P.yml
  27. 1175
      data/cisagov_Q.yml
  28. 2857
      data/cisagov_R.yml
  29. 1171
      data/cisagov_S.yml
  30. 364
      data/cisagov_T.yml
  31. 50
      data/cisagov_U.yml
  32. 424
      data/cisagov_V.yml
  33. 1167
      data/cisagov_W.yml
  34. 3374
      data/cisagov_X.yml
  35. 476
      data/cisagov_Y.yml
  36. 459
      data/cisagov_Z.yml

@ -1,5 +1,10 @@
---
# Any ignore directives should be uncommented in downstream projects to disable
# Dependabot updates for the given dependency. Downstream projects will get
# these updates when the pull request(s) in the appropriate skeleton are merged
# and Lineage processes these changes.
version: 2
updates:
- package-ecosystem: "github-actions"

@ -68,6 +68,12 @@ jobs:
run: pip install --upgrade --requirement config/requirements.txt
- name: Create the branch for test validation
run: git switch --create ${{ needs.setup.outputs.testing_branch }}
- name: Normalize individual cisagov_*.yml files
run: |
for file in data/cisagov_*yml; do \
normalize-yml --cisagov-format "$file" > "$file".tmp; \
mv --force "$file".tmp "$file"; \
done
- name: Update the comprehensive cisagov YAML file
run: normalize-yml --cisagov-format data/cisagov_*.yml > data/cisagov.yml
- name: Generate a normalized YAML file from all source YAML files
@ -84,7 +90,7 @@ jobs:
commit_user_name: ${{ needs.setup.outputs.git_user }}
commit_user_email: ${{ needs.setup.outputs.git_email }}
commit_author: ${{ needs.setup.outputs.git_author }}
file_pattern: SOFTWARE-LIST.md data/cisagov.yml
file_pattern: SOFTWARE-LIST.md data/cisagov*.yml
merge_list_update:
runs-on: ubuntu-latest
needs:

@ -44,7 +44,17 @@ MD035:
# Enforce dashes for horizontal rules
style: "---"
# MD046/code-block-style Code block style
# MD046/code-block-style - Code block style
MD046:
# Enforce the fenced style for code blocks
style: "fenced"
# MD049/emphasis-style - Emphasis style should be consistent
MD049:
# Enforce asterisks as the style to use for emphasis
style: "asterisk"
# MD050/strong-style - Strong style should be consistent
MD050:
# Enforce asterisks as the style to use for strong
style: "asterisk"

@ -31,7 +31,7 @@ repos:
# Text file hooks
- repo: https://github.com/igorshubovych/markdownlint-cli
rev: v0.30.0
rev: v0.31.1
hooks:
- id: markdownlint
args:

@ -2,6 +2,12 @@
extends: default
rules:
# yamllint does not like it when you comment out different parts of
# dictionaries in a list. You can see
# https://github.com/adrienverge/yamllint/issues/384 for some examples of
# this behavior.
comments-indentation: disable
# yamllint doesn't like when we use yes and no for true and false,
# but that's pretty standard in Ansible.
truthy: disable

File diff suppressed because it is too large Load Diff

@ -12,10 +12,11 @@
## Software List ##
This list was initially populated using information from the following sources:
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).

@ -1 +1 @@
https://github.com/cisagov/log4j-md-yml/archive/v1.1.0.tar.gz
https://github.com/cisagov/log4j-md-yml/archive/v1.1.1.tar.gz

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

@ -5,7 +5,7 @@ owners:
url: https://github.com/cisagov/log4j-affected-db
software:
- vendor: K15t
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -32,9 +32,9 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: K6
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -61,9 +61,69 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kaltura
product: Blackboard Learn SaaS in the classic Learn experience
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- v3900.28.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kaltura.com/help/blackboard-learn-release-notes#blackboard-learn-december-2021-release-notes-v5412
notes: ''
references:
- ''
last_updated: '2021-12-23T07:18:50+00:00'
- vendor: Kaltura
product: Blackboard Learn Self- and Managed-Hosting
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- v3900.26.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kaltura.com/help/blackboard-learn-release-notes#blackboard-learn-december-2021-release-notes-v5412
notes: ''
references:
- ''
last_updated: '2021-12-23T07:18:50+00:00'
- vendor: Karakun
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -90,9 +150,339 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kaseya
product: AuthAnvil
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: BMS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: ID Agent DarkWeb ID and BullPhish ID
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: IT Glue
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: MyGlue
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Network Glue
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Passly
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: RocketCyber
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Spannign Salesforce Backup
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Spanning O365 Backup
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Unitrends
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: ''
product: Vorex
cves:
cve-2021-4104:
investigated: false
@ -100,10 +490,41 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: VSA SaaS and VSA On-Premises
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
@ -119,9 +540,9 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Keeper Security
product: ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: KeePass
product: All
cves:
cve-2021-4104:
investigated: false
@ -129,10 +550,41 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://sourceforge.net/p/keepass/discussion/329220/thread/4643c5ec4f/?limit=250
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Keeper
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -148,9 +600,9 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: KEMP
product: ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kemp
product: All
cves:
cve-2021-4104:
investigated: false
@ -175,11 +627,41 @@ software:
vendor_links:
- https://support.kemptechnologies.com/hc/en-us/articles/4416430695437-CVE-2021-44228-Log4j2-Exploit
notes: ''
references:
- '[Additional Link](https://support.kemptechnologies.com/hc/en-us/articles/4416473820045-Progress-Kemp-LoadMaster-protects-from-security-vulnerability-Apache-Log4j-2-CVE-2021-44228-)'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Keycloak
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://github.com/keycloak/keycloak/discussions/9078
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: KEMP 2
product: ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kofax
product: Capture
cves:
cve-2021-4104:
investigated: false
@ -187,10 +669,41 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kofax.com/Capture/Kofax_Capture/Reference/Log4J_Vulnerability_CVE-2021-44228_Does_Not_Affect_Kofax_Capture
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kofax
product: Communication Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 5.3 - 5.5
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -202,13 +715,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.kemptechnologies.com/hc/en-us/articles/4416473820045-Progress-Kemp-LoadMaster-protects-from-security-vulnerability-Apache-Log4j-2-CVE-2021-44228-
- https://knowledge.kofax.com/Communications_Manager/Troubleshooting/log4j_vulnerability_in_Kofax_Communications_Manager
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kofax
product: ''
product: Robot File System (RFS)
cves:
cve-2021-4104:
investigated: false
@ -216,10 +729,42 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '>=10.7'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kofax.com/Robotic_Process_Automation/Troubleshooting
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kofax
product: Robotic Process Automation (RPA)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '11.1'
- '11.2'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -231,13 +776,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kofax.com/MFD_Productivity/SafeCom/Product_Information/SafeCom_and_Log4j_vulnerability_(CVE-2021-44228)
- https://knowledge.kofax.com/Robotic_Process_Automation/Troubleshooting
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Konica Minolta
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -264,9 +809,9 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kronos UKG
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -293,9 +838,9 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kyberna
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -322,5 +867,5 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
...

@ -32,7 +32,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: L3Harris Geospatial
product: ''
cves:
@ -61,7 +61,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lancom Systems
product: ''
cves:
@ -90,7 +90,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lansweeper
product: ''
cves:
@ -119,7 +119,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Laserfiche
product: ''
cves:
@ -148,7 +148,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LastPass
product: ''
cves:
@ -177,7 +177,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LaunchDarkly
product: ''
cves:
@ -206,7 +206,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Leanix
product: ''
cves:
@ -235,7 +235,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Leica BIOSYSTEMS
product: Aperio AT2
cves:
@ -614,7 +614,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-ADVANCE
product: BOND Controller
cves:
cve-2021-4104:
investigated: false
@ -643,7 +643,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND Controller
product: BOND RX
cves:
cve-2021-4104:
investigated: false
@ -672,7 +672,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-III
product: BOND RXm
cves:
cve-2021-4104:
investigated: false
@ -701,7 +701,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-MAX
product: BOND-ADVANCE
cves:
cve-2021-4104:
investigated: false
@ -730,7 +730,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND RX
product: BOND-III
cves:
cve-2021-4104:
investigated: false
@ -759,7 +759,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND RXm
product: BOND-MAX
cves:
cve-2021-4104:
investigated: false
@ -2415,7 +2415,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Let's Encrypt
product: ''
cves:
@ -2444,7 +2444,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LibreNMS
product: ''
cves:
@ -2473,7 +2473,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LifeRay
product: ''
cves:
@ -2502,7 +2502,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LifeSize
product: ''
cves:
@ -2531,7 +2531,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lightbend
product: ''
cves:
@ -2560,7 +2560,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lime CRM
product: ''
cves:
@ -2589,7 +2589,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LIONGARD
product: ''
cves:
@ -2618,7 +2618,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LiquidFiles
product: ''
cves:
@ -2647,7 +2647,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LiveAction
product: ''
cves:
@ -2676,7 +2676,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Loftware
product: ''
cves:
@ -2705,7 +2705,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LOGalyze
product: SIEM & log analyzer tool
cves:
@ -2766,7 +2766,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LogicMonitor
product: LogicMonitor Platform
cves:
@ -2795,7 +2795,37 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Logit.io
product: Logit.io Platform
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://logit.io/blog/post/logit-io-log4shell-security-update
notes: ''
references:
- ''
last_updated: '2022-02-07T07:10:00+00:00'
- vendor: LogMeIn
product: ''
cves:
@ -2824,7 +2854,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LogRhythm
product: ''
cves:
@ -2853,7 +2883,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Looker
product: Looker
cves:
@ -2888,7 +2918,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LucaNet
product: ''
cves:
@ -2917,7 +2947,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lucee
product: ''
cves:
@ -2946,7 +2976,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lyrasis
product: Fedora Repository
cves:

@ -32,7 +32,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Maltego
product: ''
cves:
@ -61,9 +61,9 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ManageEngine
product: Servicedesk Plus
product: AD SelfService Plus
cves:
cve-2021-4104:
investigated: false
@ -72,10 +72,10 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 11305 and below
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- Build 6.1 build 6114
cve-2021-45046:
investigated: false
affected_versions: []
@ -86,14 +86,13 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.manageengine.com/products/service-desk/security-response-plan.html
vendor_links: []
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
last_updated: '2021-12-27T00:00:00'
- vendor: ManageEngine
product: AD SelfService Plus
product: Servicedesk Plus
cves:
cve-2021-4104:
investigated: false
@ -102,10 +101,10 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
affected_versions:
- 11305 and below
fixed_versions: []
unaffected_versions:
- Build 6.1 build 6114
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -116,11 +115,12 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
vendor_links:
- https://www.manageengine.com/products/service-desk/security-response-plan.html
notes: ''
references:
- ''
last_updated: '2021-12-27T00:00:00'
last_updated: '2021-12-15T00:00:00'
- vendor: ManageEngine Zoho
product: ''
cves:
@ -149,9 +149,9 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ManageEngine Zoho
product: ADManager Plus
product: ADAudit Plus
cves:
cve-2021-4104:
investigated: false
@ -160,8 +160,7 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- On-Prem
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -181,7 +180,7 @@ software:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho
product: ADAudit Plus
product: ADManager Plus
cves:
cve-2021-4104:
investigated: false
@ -190,8 +189,7 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- On-Prem
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -211,7 +209,7 @@ software:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho
product: DataSecurity Plus
product: Analytics Plus
cves:
cve-2021-4104:
investigated: false
@ -220,8 +218,7 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- On-Prem
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -241,7 +238,7 @@ software:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho
product: EventLog Analyzer
product: Cloud Security Plus
cves:
cve-2021-4104:
investigated: false
@ -250,8 +247,7 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- On-Prem
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -271,7 +267,7 @@ software:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho
product: M365 Manager Plus
product: DataSecurity Plus
cves:
cve-2021-4104:
investigated: false
@ -280,8 +276,7 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- On-Prem
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -301,7 +296,7 @@ software:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho
product: RecoveryManager Plus
product: EventLog Analyzer
cves:
cve-2021-4104:
investigated: false
@ -310,8 +305,7 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- On-Prem
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -340,8 +334,7 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- On-Prem
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -370,8 +363,7 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- On-Prem
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -400,8 +392,7 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- On-Prem
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -421,7 +412,7 @@ software:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho
product: Cloud Security Plus
product: M365 Manager Plus
cves:
cve-2021-4104:
investigated: false
@ -430,8 +421,7 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- On-Prem
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -460,8 +450,7 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- On-Prem
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -481,7 +470,7 @@ software:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho
product: Analytics Plus
product: RecoveryManager Plus
cves:
cve-2021-4104:
investigated: false
@ -490,8 +479,7 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- On-Prem
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -538,7 +526,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MathWorks
product: All MathWorks general release desktop or server products
cves:
@ -581,7 +569,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45046:
investigated: false
affected_versions: []
@ -656,7 +644,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Mattermost FocalBoard
product: ''
cves:
@ -685,7 +673,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: McAfee
product: Data Exchange Layer (DXL) Client
cves:
@ -939,7 +927,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: ePolicy Orchestrator Application Server (ePO)
product: Enterprise Security Manager (ESM)
cves:
cve-2021-4104:
investigated: false
@ -950,7 +938,7 @@ software:
investigated: true
affected_versions: []
fixed_versions:
- 5.10 CU11
- 11.5.3
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -997,7 +985,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: Host Intrusion Prevention (Host IPS)
product: ePolicy Orchestrator Application Server (ePO)
cves:
cve-2021-4104:
investigated: false
@ -1005,9 +993,10 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
fixed_versions:
- 5.10 CU11
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -1019,13 +1008,14 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
vendor_links:
- https://kc.mcafee.com/agent/index?page=content&id=SB10377
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: Management of Native Encryption (MNE)
product: Host Intrusion Prevention (Host IPS)
cves:
cve-2021-4104:
investigated: false
@ -1053,7 +1043,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Active Response (MAR)
product: Management of Native Encryption (MNE)
cves:
cve-2021-4104:
investigated: false
@ -1081,7 +1071,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Agent (MA)
product: McAfee Active Response (MAR)
cves:
cve-2021-4104:
investigated: false
@ -1109,7 +1099,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Application and Change Control (MACC) for Linux
product: McAfee Agent (MA)
cves:
cve-2021-4104:
investigated: false
@ -1137,7 +1127,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Application and Change Control (MACC) for Windows
product: McAfee Application and Change Control (MACC) for Linux
cves:
cve-2021-4104:
investigated: false
@ -1165,7 +1155,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Client Proxy (MCP) for Mac
product: McAfee Application and Change Control (MACC) for Windows
cves:
cve-2021-4104:
investigated: false
@ -1193,7 +1183,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Client Proxy (MCP) for Windows
product: McAfee Client Proxy (MCP) for Mac
cves:
cve-2021-4104:
investigated: false
@ -1221,7 +1211,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Drive Encryption (MDE)
product: McAfee Client Proxy (MCP) for Windows
cves:
cve-2021-4104:
investigated: false
@ -1249,7 +1239,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Security for Microsoft Exchange (MSME)
product: McAfee Drive Encryption (MDE)
cves:
cve-2021-4104:
investigated: false
@ -1277,7 +1267,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: McAfee Security for Microsoft SharePoint (MSMS)
product: McAfee Security for Microsoft Exchange (MSME)
cves:
cve-2021-4104:
investigated: false
@ -1333,7 +1323,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: McAfee
product: Enterprise Security Manager (ESM)
product: McAfee Security for Microsoft SharePoint (MSMS)
cves:
cve-2021-4104:
investigated: false
@ -1341,10 +1331,9 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
investigated: false
affected_versions: []
fixed_versions:
- 11.5.3
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -1356,8 +1345,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://kc.mcafee.com/agent/index?page=content&id=SB10377
vendor_links: []
notes: ''
references:
- ''
@ -1561,7 +1549,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MEINBERG
product: LANTIME and microSync
cves:
@ -1619,7 +1607,7 @@ software:
notes: Project is written in Python
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Memurai
product: ''
cves:
@ -1649,8 +1637,8 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: MicroFocus
product: ''
- vendor: Micro Focus
product: Data Protector
cves:
cve-2021-4104:
investigated: false
@ -1658,9 +1646,19 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
fixed_versions:
- '10.20'
- '10.30'
- '10.40'
- '10.50'
- '10.60'
- '10.70'
- '10.80'
- '10.90'
- '10.91'
- '11.00'
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -1673,13 +1671,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://portal.microfocus.com/s/customportalsearch?language=en_US&searchtext=CVE-2021-44228
- https://portal.microfocus.com/s/article/KM000003052
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)'
last_updated: '2021-12-13T00:00:00'
- vendor: Microsoft
product: Azure Application Gateway
product: Azure API Gateway
cves:
cve-2021-4104:
investigated: false
@ -1706,9 +1704,9 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Microsoft
product: Azure API Gateway
product: Azure Application Gateway
cves:
cve-2021-4104:
investigated: false
@ -1735,7 +1733,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Microsoft
product: Azure Data lake store java
cves:
@ -1765,7 +1763,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Microsoft
product: Azure Data lake store java
cves:
@ -1795,9 +1793,9 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Microsoft
product: Azure DevOps Server
product: Azure DevOps
cves:
cve-2021-4104:
investigated: false
@ -1805,9 +1803,8 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 2019.0 - 2020.1
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -1825,9 +1822,9 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Microsoft
product: Azure DevOps
product: Azure DevOps Server
cves:
cve-2021-4104:
investigated: false
@ -1835,8 +1832,9 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
investigated: true
affected_versions:
- 2019.0 - 2020.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -1854,7 +1852,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Microsoft
product: Azure Traffic Manager
cves:
@ -1883,7 +1881,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Microsoft
product: Team Foundation Server
cves:
@ -1913,7 +1911,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Microstrategy
product: ''
cves:
@ -2000,7 +1998,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Milestone sys
product: ''
cves:
@ -2029,7 +2027,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Mimecast
product: ''
cves:
@ -2058,7 +2056,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Minecraft
product: ''
cves:
@ -2087,7 +2085,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Mirantis
product: ''
cves:
@ -2116,7 +2114,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Miro
product: ''
cves:
@ -2145,7 +2143,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Mitel
product: ''
cves:
@ -2174,7 +2172,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MMM Group
product: Control software of all MMM series
cves:
@ -2233,143 +2231,6 @@ software:
references:
- ''
last_updated: '2022-01-05T00:00:00'
- vendor: MobileIron
product: Core
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- All Versions
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
notes: The mitigation instructions listed in a subsequent section removes a vulnerable
Java class (JNDILookUp.class) from the affected Log4J Java library and as a
result removes the ability to perform the RCE attack. The workaround needs
to be applied in a maintenance window. You will not be able to access the admin
portal during the procedure, however, end user devices will continue to function.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: MobileIron
product: Core Connector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- All Versions
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
notes: The mitigation instructions listed in a subsequent section removes a vulnerable
Java class (JNDILookUp.class) from the affected Log4J Java library and as a
result removes the ability to perform the RCE attack. The workaround needs
to be applied in a maintenance window. You will not be able to access the admin
portal during the procedure, however, end user devices will continue to function.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: MobileIron
product: Reporting Database (RDB)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- All Versions
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
notes: The mitigation instructions listed in a subsequent section removes a vulnerable
Java class (JNDILookUp.class) from the affected Log4J Java library and as a
result removes the ability to perform the RCE attack. The workaround needs
to be applied in a maintenance window. You will not be able to access the admin
portal during the procedure, however, end user devices will continue to function.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: MobileIron
product: Sentry
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '9.13'
- '9.14'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
notes: The mitigation instructions listed in a subsequent section removes a vulnerable
Java class (JNDILookUp.class) from the affected Log4J Java library and as a
result removes the ability to perform the RCE attack. The workaround needs
to be applied in a maintenance window. You will not be able to access the admin
portal during the procedure, however, end user devices will continue to function.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: MongoDB
product: All other components of MongoDB Atlas (including Atlas Database, Data
Lake, Charts)
@ -2399,7 +2260,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MongoDB
product: MongoDB Atlas Search
cves:
@ -2428,7 +2289,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MongoDB
product: MongoDB Community Edition (including Community Server, Cloud Manager,
Community Kubernetes Operators)
@ -2458,7 +2319,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MongoDB
product: MongoDB Drivers
cves:
@ -2487,7 +2348,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MongoDB
product: MongoDB Enterprise Advanced (including Enterprise Server, Ops Manager,
Enterprise Kubernetes Operators)
@ -2517,7 +2378,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MongoDB
product: MongoDB Realm (including Realm Database, Sync, Functions, APIs)
cves:
@ -2546,7 +2407,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MongoDB
product: MongoDB Tools (including Compass, Database Shell, VS Code Plugin, Atlas
CLI, Database Connectors)
@ -2576,7 +2437,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Moodle
product: ''
cves:
@ -2605,7 +2466,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MoogSoft
product: ''
cves:
@ -2634,7 +2495,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Motorola Avigilon
product: ''
cves:
@ -2664,6 +2525,38 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Moxa
product: ''
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.moxa.com/en/support/product-support/security-advisory/moxa-s-response-regarding-the-apache-log4j-vulnerability
notes: Moxa is investigating to determine if any of our products are affected
by this vulnerability. At the time of publication, none of Moxa's products are
affected.
references:
- ''
last_updated: '2022-01-19T00:00:00'
- vendor: Mulesoft
product: ''
cves:
@ -2693,9 +2586,9 @@ software:
by CISA
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Mulesoft
product: Mule Runtime
product: Anypoint Studio
cves:
cve-2021-4104:
investigated: false
@ -2705,8 +2598,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- 3.x
- 4.x
- 7.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -2727,7 +2619,7 @@ software:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Mulesoft
product: Mule Agent
product: Cloudhub
cves:
cve-2021-4104:
investigated: false
@ -2735,9 +2627,8 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.x
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -2758,7 +2649,7 @@ software:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Mulesoft
product: Cloudhub
product: Mule Agent
cves:
cve-2021-4104:
investigated: false
@ -2766,8 +2657,9 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
investigated: true
affected_versions:
- 6.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -2788,7 +2680,7 @@ software:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Mulesoft
product: Anypoint Studio
product: Mule Runtime
cves:
cve-2021-4104:
investigated: false
@ -2798,7 +2690,8 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- 7.x
- 3.x
- 4.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:

@ -32,7 +32,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nagios
product: ''
cves:
@ -61,7 +61,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NAKIVO
product: ''
cves:
@ -90,7 +90,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: National Instruments
product: OptimalPlus
cves:
@ -102,9 +102,9 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- 'Vertica'
- 'Cloudera'
- 'Logstash'
- Vertica
- Cloudera
- Logstash
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -136,7 +136,7 @@ software:
investigated: true
affected_versions:
- '>4.2'
- '<4..2.12'
- <4..2.12
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -182,7 +182,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Netcup
product: ''
cves:
@ -211,7 +211,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NetGate PFSense
product: ''
cves:
@ -240,7 +240,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Netwrix
product: ''
cves:
@ -269,7 +269,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: New Relic
product: Containerized Private Minion (CPM)
cves:
@ -282,7 +282,7 @@ software:
investigated: true
affected_versions: []
fixed_versions:
- '3.0.57'
- 3.0.57
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -312,7 +312,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- '<7.4.3'
- <7.4.3
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -360,7 +360,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nextflow
product: Nextflow
cves:
@ -374,7 +374,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- '21.04.0.5552'
- 21.04.0.5552
cve-2021-45046:
investigated: false
affected_versions: []
@ -448,7 +448,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NinjaRMM
product: ''
cves:
@ -478,7 +478,7 @@ software:
by CISA
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nomachine
product: ''
cves:
@ -507,7 +507,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NoviFlow
product: ''
cves:
@ -536,7 +536,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab
product: Backlog
cves:
@ -566,7 +566,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab
product: Backlog Enterprise (On-premises)
cves:
@ -596,7 +596,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab
product: Cacoo
cves:
@ -626,7 +626,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab
product: Cacoo Enterprise (On-premises)
cves:
@ -656,7 +656,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab
product: Typetalk
cves:
@ -686,7 +686,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nutanix
product: AHV
cves:
@ -1343,7 +1343,7 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix
product: Leap
product: LCM
cves:
cve-2021-4104:
investigated: false
@ -1351,10 +1351,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
@ -1367,12 +1368,12 @@ software:
unaffected_versions: []
vendor_links:
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
notes: Saas-Based Procuct. See Advisory.
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix
product: LCM
product: Leap
cves:
cve-2021-4104:
investigated: false
@ -1380,11 +1381,10 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -1397,7 +1397,7 @@ software:
unaffected_versions: []
vendor_links:
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
notes: ''
notes: Saas-Based Procuct. See Advisory.
references:
- ''
last_updated: '2021-12-20T00:00:00'
@ -1758,7 +1758,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NXLog
product: ''
cves:
@ -1787,5 +1787,5 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
...

@ -154,4 +154,35 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: 7Signal
product: Sapphire
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.7signal.com/info/se-release-notes
notes: Fix released 2021-12-14
references:
- ''
last_updated: '2021-12-14T00:00:00'
...

@ -32,7 +32,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OCLC
product: ''
cves:
@ -61,7 +61,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Octopus
product: ''
cves:
@ -90,7 +90,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Okta
product: Advanced Server Access
cves:
@ -295,7 +295,7 @@ software:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Okta
product: Okta RADIUS Server Agent
product: Okta On-Prem MFA Agent
cves:
cve-2021-4104:
investigated: false
@ -305,7 +305,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- < 2.17.0
- < 1.4.6
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -319,13 +319,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://trust.okta.com/security-advisories/okta-radius-server-agent-cve-2021-44228
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Okta
product: Okta Verify
product: Okta RADIUS Server Agent
cves:
cve-2021-4104:
investigated: false
@ -333,8 +333,9 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
investigated: true
affected_versions:
- < 2.17.0
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -348,13 +349,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://sec.okta.com/articles/2021/12/log4shell
- https://trust.okta.com/security-advisories/okta-radius-server-agent-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Okta
product: Okta Workflows
product: Okta Verify
cves:
cve-2021-4104:
investigated: false
@ -383,7 +384,7 @@ software:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Okta
product: Okta On-Prem MFA Agent
product: Okta Workflows
cves:
cve-2021-4104:
investigated: false
@ -391,9 +392,8 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 1.4.6
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -407,7 +407,7 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
- https://sec.okta.com/articles/2021/12/log4shell
notes: ''
references:
- ''
@ -440,7 +440,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Opengear
product: ''
cves:
@ -469,7 +469,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenMRS TALK
product: ''
cves:
@ -498,7 +498,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenNMS
product: ''
cves:
@ -527,7 +527,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenSearch
product: ''
cves:
@ -556,7 +556,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenText
product: ''
cves:
@ -587,7 +587,7 @@ software:
- ''
last_updated: '2021-12-23T00:00:00'
- vendor: Opto 22
product: GRV-EPIC-PR1, GRV-EPIC-PR2
product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP
cves:
cve-2021-4104:
investigated: false
@ -597,9 +597,9 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- < 3.3.2
- < 4.3g
fixed_versions:
- 3.3.2
- 4.3g
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -618,7 +618,7 @@ software:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Opto 22
product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP
product: GROOV-AT1, GROOV-AT1-SNAP
cves:
cve-2021-4104:
investigated: false
@ -649,7 +649,7 @@ software:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Opto 22
product: GROOV-AT1, GROOV-AT1-SNAP
product: GROOV-SVR-WIN, GROOV-SVR-WIN-BASE, GROOV-SVR-WIN-SNAP
cves:
cve-2021-4104:
investigated: false
@ -680,7 +680,7 @@ software:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Opto 22
product: GROOV-SVR-WIN, GROOV-SVR-WIN-BASE, GROOV-SVR-WIN-SNAP
product: GRV-EPIC-PR1, GRV-EPIC-PR2
cves:
cve-2021-4104:
investigated: false
@ -690,9 +690,9 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- < 4.3g
- < 3.3.2
fixed_versions:
- 4.3g
- 3.3.2
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -741,7 +741,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Oracle
product: Exadata
product: Enterprise Manager
cves:
cve-2021-4104:
investigated: false
@ -751,7 +751,8 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- <21.3.4
- '13.5'
- 13.4 & 13.3.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -773,7 +774,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Oracle
product: Enterprise Manager
product: Exadata
cves:
cve-2021-4104:
investigated: false
@ -783,8 +784,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- '13.5'
- 13.4 & 13.3.2
- <21.3.4
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -833,7 +833,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Osirium
product: PAM
cves:
@ -862,7 +862,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Osirium
product: PEM
cves:
@ -891,7 +891,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Osirium
product: PPA
cves:
@ -920,7 +920,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OTRS
product: ''
cves:
@ -949,7 +949,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OVHCloud
product: ''
cves:
@ -978,7 +978,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OwnCloud
product: ''
cves:
@ -1007,7 +1007,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OxygenXML
product: Author
cves:

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

@ -33,7 +33,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ubiquiti
product: UniFi Network Controller
cves:
@ -93,9 +93,9 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Umbraco
product: ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: UiPath
product: InSights
cves:
cve-2021-4104:
investigated: false
@ -103,8 +103,9 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
investigated: true
affected_versions:
- '20.10'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -118,12 +119,12 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/
- https://www.uipath.com/legal/trust-and-security/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: UniFlow
last_updated: '2021-12-15T00:00:00'
- vendor: Umbraco
product: ''
cves:
cve-2021-4104:
@ -147,12 +148,12 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.uniflow.global/en/security/security-and-maintenance/
- https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Unify ATOS
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: UniFlow
product: ''
cves:
cve-2021-4104:
@ -176,12 +177,12 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://networks.unify.com/security/advisories/OBSO-2112-01.pdf
- https://www.uniflow.global/en/security/security-and-maintenance/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Unimus
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Unify ATOS
product: ''
cves:
cve-2021-4104:
@ -205,13 +206,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forum.unimus.net/viewtopic.php?f=7&t=1390#top
- https://networks.unify.com/security/advisories/OBSO-2112-01.pdf
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: UiPath
product: InSights
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Unimus
product: ''
cves:
cve-2021-4104:
investigated: false
@ -219,9 +220,8 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '20.10'
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -235,11 +235,11 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.uipath.com/legal/trust-and-security/cve-2021-44228
- https://forum.unimus.net/viewtopic.php?f=7&t=1390#top
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: USSIGNAL MSP
product: ''
cves:
@ -268,5 +268,5 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
...

@ -4,35 +4,6 @@ owners:
- name: cisagov
url: https://github.com/cisagov/log4j-affected-db
software:
- vendor: VArmour
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Varian
product: Acuity
cves:
@ -64,7 +35,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: DITC
product: ARIA Connect (Cloverleaf)
cves:
cve-2021-4104:
investigated: false
@ -72,11 +43,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
@ -94,7 +65,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA Connect (Cloverleaf)
product: ARIA eDOC
cves:
cve-2021-4104:
investigated: false
@ -154,7 +125,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: XMediusFax for ARIA oncology information system for Medical Oncology
product: ARIA oncology information system for Radiation Oncology
cves:
cve-2021-4104:
investigated: false
@ -162,11 +133,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
@ -184,7 +155,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA oncology information system for Radiation Oncology
product: ARIA Radiation Therapy Management System (RTM)
cves:
cve-2021-4104:
investigated: false
@ -214,7 +185,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA eDOC
product: Bravos Console
cves:
cve-2021-4104:
investigated: false
@ -244,7 +215,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: XMediusFax for ARIA oncology information system for Radiation Oncology
product: Clinac
cves:
cve-2021-4104:
investigated: false
@ -274,37 +245,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA Radiation Therapy Management System (RTM)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Bravos Console
product: Cloud Planner
cves:
cve-2021-4104:
investigated: false
@ -334,7 +275,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Clinac
product: DITC
cves:
cve-2021-4104:
investigated: false
@ -364,7 +305,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Cloud Planner
product: DoseLab
cves:
cve-2021-4104:
investigated: false
@ -394,7 +335,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: DoseLab
product: Eclipse treatment planning software
cves:
cve-2021-4104:
investigated: false
@ -424,7 +365,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Eclipse treatment planning software
product: ePeerReview
cves:
cve-2021-4104:
investigated: false
@ -432,11 +373,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -454,7 +395,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ePeerReview
product: Ethos
cves:
cve-2021-4104:
investigated: false
@ -462,11 +403,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
@ -484,7 +425,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Ethos
product: FullScale oncology IT solutions
cves:
cve-2021-4104:
investigated: false
@ -492,11 +433,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -514,7 +455,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: FullScale oncology IT solutions
product: Halcyon system
cves:
cve-2021-4104:
investigated: false
@ -544,7 +485,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Halcyon system
product: ICAP
cves:
cve-2021-4104:
investigated: false
@ -552,11 +493,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
@ -694,7 +635,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ICAP
product: Mobius3D platform
cves:
cve-2021-4104:
investigated: false
@ -724,7 +665,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Mobius3D platform
product: PaaS
cves:
cve-2021-4104:
investigated: false
@ -934,7 +875,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: PaaS
product: TrueBeam radiotherapy system
cves:
cve-2021-4104:
investigated: false
@ -964,7 +905,37 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: TrueBeam radiotherapy system
product: UNIQUE system
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Varian Authentication and Identity Server (VAIS)
cves:
cve-2021-4104:
investigated: false
@ -994,7 +965,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: UNIQUE system
product: Varian Managed Services Cloud
cves:
cve-2021-4104:
investigated: false
@ -1024,7 +995,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Varian Authentication and Identity Server (VAIS)
product: Varian Mobile App
cves:
cve-2021-4104:
investigated: false
@ -1036,7 +1007,8 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
- '2.0'
- '2.5'
cve-2021-45046:
investigated: false
affected_versions: []
@ -1054,7 +1026,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Varian Managed Services Cloud
product: VariSeed
cves:
cve-2021-4104:
investigated: false
@ -1062,11 +1034,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
@ -1084,7 +1056,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Varian Mobile App
product: Velocity
cves:
cve-2021-4104:
investigated: false
@ -1096,8 +1068,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- '2.0'
- '2.5'
- All
cve-2021-45046:
investigated: false
affected_versions: []
@ -1115,7 +1086,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: VariSeed
product: VitalBeam radiotherapy system
cves:
cve-2021-4104:
investigated: false
@ -1145,7 +1116,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Velocity
product: Vitesse
cves:
cve-2021-4104:
investigated: false
@ -1175,7 +1146,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: VitalBeam radiotherapy system
product: XMediusFax for ARIA oncology information system for Medical Oncology
cves:
cve-2021-4104:
investigated: false
@ -1183,11 +1154,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -1205,7 +1176,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Vitesse
product: XMediusFax for ARIA oncology information system for Radiation Oncology
cves:
cve-2021-4104:
investigated: false
@ -1213,11 +1184,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
@ -1234,6 +1205,35 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: VArmour
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Varnish Software
product: ''
cves:
@ -1262,7 +1262,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Varonis
product: ''
cves:
@ -1291,7 +1291,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Veeam
product: ''
cves:
@ -1320,7 +1320,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Venafi
product: ''
cves:
@ -1349,7 +1349,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Veritas NetBackup
product: ''
cves:
@ -1378,7 +1378,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Vertica
product: ''
cves:
@ -1408,6 +1408,36 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Video Insight Inc.
product: Video Insight
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://i-pro.com/eu/en/surveillance/news/i-pro-products-and-log4j-2x-vulnerability
notes: Video Insight is a part of Panasonic I-Pro.
references:
- ''
last_updated: '2022-01-19T00:00:00'
- vendor: Viso Trust
product: ''
cves:
@ -1436,7 +1466,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: VMware
product: API Portal for VMware Tanzu
cves:
@ -1648,6 +1678,71 @@ software:
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: VMware
product: vCenter Server - OVA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.x
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: vCenter Server - Windows
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: VMware Carbon Black Cloud Workload Appliance
cves:
@ -2261,71 +2356,6 @@ software:
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: VMware
product: vCenter Server - OVA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.x
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: vCenter Server - Windows
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: VMware vRealize Automation
cves:
@ -2584,7 +2614,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45046:
investigated: ''
affected_versions: []

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

@ -4,6 +4,40 @@ owners:
- name: cisagov
url: https://github.com/cisagov/log4j-affected-db
software:
- vendor: Yahoo
product: Vespa
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://blog.vespa.ai/log4j-vulnerability/
notes: Your Vespa application may still be affected if log4j is included in your
application package.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Yellowbrick
product: ''
cves:
@ -32,9 +66,9 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: YellowFin
product: ''
product: All
cves:
cve-2021-4104:
investigated: false
@ -42,10 +76,42 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 8.0.10.3, 9.7.0.2
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2
notes: v7 and v6 releases are not affected unless you have manually upgraded to
Log4j2.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Yenlo
product: Connext
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 2.x
cve-2021-45046:
investigated: false
affected_versions: []
@ -57,13 +123,134 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2
- https://www.yenlo.com/news/vulnerability-code-log4shell-log4j2/
notes: Connext Platform (Managed WSO2 Cloud) and all underlying middleware components
are not vulnerable.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: YOKOGAWA
product: CENTUM VP
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: CENTUM VP (other components)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier is
still under investigation.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: CI Server
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: ''
product: Exaopc
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: Exaplog
cves:
cve-2021-4104:
investigated: false
@ -71,10 +258,41 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: Exaquantum
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
@ -91,8 +309,8 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YSoft SAFEQ
product: ''
- vendor: YOKOGAWA
product: FAST/TOOLS
cves:
cve-2021-4104:
investigated: false
@ -100,10 +318,252 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: PRM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: ProSafe-RS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: ProSafe-RS Lite
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: STARDOM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: VTSPortal
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YSoft
product: SAFEQ 4
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf
notes: ''
references:
- ''
last_updated: '2022-02-01T07:18:50+00:00'
- vendor: YSoft
product: SAFEQ 5
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf
notes: ''
references:
- ''
last_updated: '2022-02-01T07:18:50+00:00'
- vendor: YSoft
product: SAFEQ 6
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- <=6.0.63
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
@ -119,5 +579,5 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-02-01T07:18:50+00:00'
...

@ -32,7 +32,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ZAMMAD
product: ''
cves:
@ -61,7 +61,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zaproxy
product: ''
cves:
@ -90,7 +90,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zebra
product: ''
cves:
@ -119,7 +119,193 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zeiss
product: Cataract Suite
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 1.3.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: EQ Workplace
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 1.6, 1.8
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: FORUM
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 4.2.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: Glaucoma Workplace
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 3.5.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: Laser Treatment Workplace
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 1.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: Retina Workplace
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 2.5.x, 2.6.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zendesk
product: All Products
cves:
@ -180,7 +366,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zentera Systems, Inc.
product: CoIP Access Platform
cves:
@ -212,34 +398,137 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Zerto
product: ''
product: Cloud Appliance
cves:
cve-2021-4104:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
vendor_links:
- https://help.zerto.com/kb/000004822
notes: ''
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zerto
product: Cloud Manager
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://help.zerto.com/kb/000004822
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2021-02-01T00:00:00'
- vendor: Zerto
product: Virtual Manager
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://help.zerto.com/kb/000004822
notes: ''
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zerto
product: Virtual Replication Appliance
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://help.zerto.com/kb/000004822
notes: ''
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zesty
product: ''
cves:
@ -268,7 +557,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zimbra
product: ''
cves:
@ -297,7 +586,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zix
product: ''
cves:
@ -327,35 +616,72 @@ software:
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Zoom
product: ''
- vendor: Zoho
product: Online
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
vendor_links:
- https://help.zoho.com/portal/en/community/topic/update-on-the-recent-apache-log4j-vulnerability
notes: ''
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zoom
product: ''
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ZPE systems Inc
product: ''
cves:
@ -384,7 +710,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zscaler
product: See Link (Multiple Products)
cves:
@ -442,15 +768,82 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zyxel
product: Security Firewall/Gateways
product: All other products
cves:
cve-2021-4104:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Zyxel
product: Netlas Element Management System (EMS)
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions:
- ''
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability
notes: Hotfix availibility Dec. 20 2021. Patch availability in end of Feb. 2022.
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Zyxel
product: Security Firewall/Gateways
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
@ -459,15 +852,17 @@ software:
- ZLD Firmware Security Services
- Nebula
cve-2021-45046:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
vendor_links:
- https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability
notes: ''

Loading…
Cancel
Save