|
|
@ -32,7 +32,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Maltego |
|
|
|
- vendor: Maltego |
|
|
|
product: '' |
|
|
|
product: '' |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -61,9 +61,9 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: ManageEngine |
|
|
|
- vendor: ManageEngine |
|
|
|
product: Servicedesk Plus |
|
|
|
product: AD SelfService Plus |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -72,10 +72,10 @@ software: |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: true |
|
|
|
investigated: true |
|
|
|
affected_versions: |
|
|
|
affected_versions: [] |
|
|
|
- 11305 and below |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: |
|
|
|
|
|
|
|
- Build 6.1 build 6114 |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
|
affected_versions: [] |
|
|
|
affected_versions: [] |
|
|
@ -86,14 +86,13 @@ software: |
|
|
|
affected_versions: [] |
|
|
|
affected_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
vendor_links: |
|
|
|
vendor_links: [] |
|
|
|
- https://www.manageengine.com/products/service-desk/security-response-plan.html |
|
|
|
|
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-15T00:00:00' |
|
|
|
last_updated: '2021-12-27T00:00:00' |
|
|
|
- vendor: ManageEngine |
|
|
|
- vendor: ManageEngine |
|
|
|
product: AD SelfService Plus |
|
|
|
product: Servicedesk Plus |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -102,10 +101,10 @@ software: |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: true |
|
|
|
investigated: true |
|
|
|
affected_versions: [] |
|
|
|
affected_versions: |
|
|
|
|
|
|
|
- 11305 and below |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: |
|
|
|
unaffected_versions: [] |
|
|
|
- Build 6.1 build 6114 |
|
|
|
|
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
|
affected_versions: [] |
|
|
|
affected_versions: [] |
|
|
@ -116,11 +115,12 @@ software: |
|
|
|
affected_versions: [] |
|
|
|
affected_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
vendor_links: [] |
|
|
|
vendor_links: |
|
|
|
|
|
|
|
- https://www.manageengine.com/products/service-desk/security-response-plan.html |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-27T00:00:00' |
|
|
|
last_updated: '2021-12-15T00:00:00' |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
product: '' |
|
|
|
product: '' |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -149,9 +149,9 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
product: ADManager Plus |
|
|
|
product: ADAudit Plus |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -160,8 +160,7 @@ software: |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
|
affected_versions: |
|
|
|
affected_versions: [] |
|
|
|
- On-Prem |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
@ -181,7 +180,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-16T00:00:00' |
|
|
|
last_updated: '2021-12-16T00:00:00' |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
product: ADAudit Plus |
|
|
|
product: ADManager Plus |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -190,8 +189,7 @@ software: |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
|
affected_versions: |
|
|
|
affected_versions: [] |
|
|
|
- On-Prem |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
@ -211,7 +209,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-16T00:00:00' |
|
|
|
last_updated: '2021-12-16T00:00:00' |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
product: DataSecurity Plus |
|
|
|
product: Analytics Plus |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -220,8 +218,7 @@ software: |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
|
affected_versions: |
|
|
|
affected_versions: [] |
|
|
|
- On-Prem |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
@ -241,7 +238,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-16T00:00:00' |
|
|
|
last_updated: '2021-12-16T00:00:00' |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
product: EventLog Analyzer |
|
|
|
product: Cloud Security Plus |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -250,8 +247,7 @@ software: |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
|
affected_versions: |
|
|
|
affected_versions: [] |
|
|
|
- On-Prem |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
@ -271,7 +267,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-16T00:00:00' |
|
|
|
last_updated: '2021-12-16T00:00:00' |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
product: M365 Manager Plus |
|
|
|
product: DataSecurity Plus |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -280,8 +276,7 @@ software: |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
|
affected_versions: |
|
|
|
affected_versions: [] |
|
|
|
- On-Prem |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
@ -301,7 +296,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-16T00:00:00' |
|
|
|
last_updated: '2021-12-16T00:00:00' |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
product: RecoveryManager Plus |
|
|
|
product: EventLog Analyzer |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -310,8 +305,7 @@ software: |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
|
affected_versions: |
|
|
|
affected_versions: [] |
|
|
|
- On-Prem |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
@ -340,8 +334,7 @@ software: |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
|
affected_versions: |
|
|
|
affected_versions: [] |
|
|
|
- On-Prem |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
@ -370,8 +363,7 @@ software: |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
|
affected_versions: |
|
|
|
affected_versions: [] |
|
|
|
- On-Prem |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
@ -400,8 +392,7 @@ software: |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
|
affected_versions: |
|
|
|
affected_versions: [] |
|
|
|
- On-Prem |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
@ -421,7 +412,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-16T00:00:00' |
|
|
|
last_updated: '2021-12-16T00:00:00' |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
product: Cloud Security Plus |
|
|
|
product: M365 Manager Plus |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -430,8 +421,7 @@ software: |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
|
affected_versions: |
|
|
|
affected_versions: [] |
|
|
|
- On-Prem |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
@ -460,8 +450,7 @@ software: |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
|
affected_versions: |
|
|
|
affected_versions: [] |
|
|
|
- On-Prem |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
@ -481,7 +470,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-16T00:00:00' |
|
|
|
last_updated: '2021-12-16T00:00:00' |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
- vendor: ManageEngine Zoho |
|
|
|
product: Analytics Plus |
|
|
|
product: RecoveryManager Plus |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -490,8 +479,7 @@ software: |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
|
affected_versions: |
|
|
|
affected_versions: [] |
|
|
|
- On-Prem |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
@ -538,7 +526,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: MathWorks |
|
|
|
- vendor: MathWorks |
|
|
|
product: All MathWorks general release desktop or server products |
|
|
|
product: All MathWorks general release desktop or server products |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -581,7 +569,7 @@ software: |
|
|
|
affected_versions: [] |
|
|
|
affected_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: |
|
|
|
unaffected_versions: |
|
|
|
- 'All' |
|
|
|
- All |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
|
affected_versions: [] |
|
|
|
affected_versions: [] |
|
|
@ -656,7 +644,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Mattermost FocalBoard |
|
|
|
- vendor: Mattermost FocalBoard |
|
|
|
product: '' |
|
|
|
product: '' |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -685,7 +673,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: McAfee |
|
|
|
- vendor: McAfee |
|
|
|
product: Data Exchange Layer (DXL) Client |
|
|
|
product: Data Exchange Layer (DXL) Client |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -939,7 +927,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
- vendor: McAfee |
|
|
|
- vendor: McAfee |
|
|
|
product: ePolicy Orchestrator Application Server (ePO) |
|
|
|
product: Enterprise Security Manager (ESM) |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -950,7 +938,7 @@ software: |
|
|
|
investigated: true |
|
|
|
investigated: true |
|
|
|
affected_versions: [] |
|
|
|
affected_versions: [] |
|
|
|
fixed_versions: |
|
|
|
fixed_versions: |
|
|
|
- 5.10 CU11 |
|
|
|
- 11.5.3 |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -997,7 +985,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
- vendor: McAfee |
|
|
|
- vendor: McAfee |
|
|
|
product: Host Intrusion Prevention (Host IPS) |
|
|
|
product: ePolicy Orchestrator Application Server (ePO) |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1005,9 +993,10 @@ software: |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: false |
|
|
|
investigated: true |
|
|
|
affected_versions: [] |
|
|
|
affected_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: |
|
|
|
|
|
|
|
- 5.10 CU11 |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1019,13 +1008,14 @@ software: |
|
|
|
affected_versions: [] |
|
|
|
affected_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
vendor_links: [] |
|
|
|
vendor_links: |
|
|
|
|
|
|
|
- https://kc.mcafee.com/agent/index?page=content&id=SB10377 |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
- vendor: McAfee |
|
|
|
- vendor: McAfee |
|
|
|
product: Management of Native Encryption (MNE) |
|
|
|
product: Host Intrusion Prevention (Host IPS) |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1053,7 +1043,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
- vendor: McAfee |
|
|
|
- vendor: McAfee |
|
|
|
product: McAfee Active Response (MAR) |
|
|
|
product: Management of Native Encryption (MNE) |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1081,7 +1071,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
- vendor: McAfee |
|
|
|
- vendor: McAfee |
|
|
|
product: McAfee Agent (MA) |
|
|
|
product: McAfee Active Response (MAR) |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1109,7 +1099,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
- vendor: McAfee |
|
|
|
- vendor: McAfee |
|
|
|
product: McAfee Application and Change Control (MACC) for Linux |
|
|
|
product: McAfee Agent (MA) |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1137,7 +1127,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
- vendor: McAfee |
|
|
|
- vendor: McAfee |
|
|
|
product: McAfee Application and Change Control (MACC) for Windows |
|
|
|
product: McAfee Application and Change Control (MACC) for Linux |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1165,7 +1155,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
- vendor: McAfee |
|
|
|
- vendor: McAfee |
|
|
|
product: McAfee Client Proxy (MCP) for Mac |
|
|
|
product: McAfee Application and Change Control (MACC) for Windows |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1193,7 +1183,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
- vendor: McAfee |
|
|
|
- vendor: McAfee |
|
|
|
product: McAfee Client Proxy (MCP) for Windows |
|
|
|
product: McAfee Client Proxy (MCP) for Mac |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1221,7 +1211,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
- vendor: McAfee |
|
|
|
- vendor: McAfee |
|
|
|
product: McAfee Drive Encryption (MDE) |
|
|
|
product: McAfee Client Proxy (MCP) for Windows |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1249,7 +1239,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
- vendor: McAfee |
|
|
|
- vendor: McAfee |
|
|
|
product: McAfee Security for Microsoft Exchange (MSME) |
|
|
|
product: McAfee Drive Encryption (MDE) |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1277,7 +1267,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
- vendor: McAfee |
|
|
|
- vendor: McAfee |
|
|
|
product: McAfee Security for Microsoft SharePoint (MSMS) |
|
|
|
product: McAfee Security for Microsoft Exchange (MSME) |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1333,7 +1323,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
- vendor: McAfee |
|
|
|
- vendor: McAfee |
|
|
|
product: Enterprise Security Manager (ESM) |
|
|
|
product: McAfee Security for Microsoft SharePoint (MSMS) |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1341,10 +1331,9 @@ software: |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: true |
|
|
|
investigated: false |
|
|
|
affected_versions: [] |
|
|
|
affected_versions: [] |
|
|
|
fixed_versions: |
|
|
|
fixed_versions: [] |
|
|
|
- 11.5.3 |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1356,8 +1345,7 @@ software: |
|
|
|
affected_versions: [] |
|
|
|
affected_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
vendor_links: |
|
|
|
vendor_links: [] |
|
|
|
- https://kc.mcafee.com/agent/index?page=content&id=SB10377 |
|
|
|
|
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
@ -1561,7 +1549,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: MEINBERG |
|
|
|
- vendor: MEINBERG |
|
|
|
product: LANTIME and microSync |
|
|
|
product: LANTIME and microSync |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -1619,7 +1607,7 @@ software: |
|
|
|
notes: Project is written in Python |
|
|
|
notes: Project is written in Python |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Memurai |
|
|
|
- vendor: Memurai |
|
|
|
product: '' |
|
|
|
product: '' |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -1650,7 +1638,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
- vendor: Micro Focus |
|
|
|
- vendor: Micro Focus |
|
|
|
product: '' |
|
|
|
product: Data Protector |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1658,9 +1646,19 @@ software: |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: false |
|
|
|
investigated: true |
|
|
|
affected_versions: [] |
|
|
|
affected_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: |
|
|
|
|
|
|
|
- '10.20' |
|
|
|
|
|
|
|
- '10.30' |
|
|
|
|
|
|
|
- '10.40' |
|
|
|
|
|
|
|
- '10.50' |
|
|
|
|
|
|
|
- '10.60' |
|
|
|
|
|
|
|
- '10.70' |
|
|
|
|
|
|
|
- '10.80' |
|
|
|
|
|
|
|
- '10.90' |
|
|
|
|
|
|
|
- '10.91' |
|
|
|
|
|
|
|
- '11.00' |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1673,13 +1671,13 @@ software: |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
vendor_links: |
|
|
|
vendor_links: |
|
|
|
- https://portal.microfocus.com/s/customportalsearch?language=en_US&searchtext=CVE-2021-44228 |
|
|
|
- https://portal.microfocus.com/s/article/KM000003052 |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2021-12-13T00:00:00' |
|
|
|
- vendor: Microsoft |
|
|
|
- vendor: Microsoft |
|
|
|
product: Azure Application Gateway |
|
|
|
product: Azure API Gateway |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1706,9 +1704,9 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Microsoft |
|
|
|
- vendor: Microsoft |
|
|
|
product: Azure API Gateway |
|
|
|
product: Azure Application Gateway |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1735,7 +1733,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Microsoft |
|
|
|
- vendor: Microsoft |
|
|
|
product: Azure Data lake store java |
|
|
|
product: Azure Data lake store java |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -1765,7 +1763,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Microsoft |
|
|
|
- vendor: Microsoft |
|
|
|
product: Azure Data lake store java |
|
|
|
product: Azure Data lake store java |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -1795,9 +1793,9 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Microsoft |
|
|
|
- vendor: Microsoft |
|
|
|
product: Azure DevOps Server |
|
|
|
product: Azure DevOps |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1805,9 +1803,8 @@ software: |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: true |
|
|
|
investigated: false |
|
|
|
affected_versions: |
|
|
|
affected_versions: [] |
|
|
|
- 2019.0 - 2020.1 |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
@ -1825,9 +1822,9 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Microsoft |
|
|
|
- vendor: Microsoft |
|
|
|
product: Azure DevOps |
|
|
|
product: Azure DevOps Server |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -1835,8 +1832,9 @@ software: |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: false |
|
|
|
investigated: true |
|
|
|
affected_versions: [] |
|
|
|
affected_versions: |
|
|
|
|
|
|
|
- 2019.0 - 2020.1 |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
@ -1854,7 +1852,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Microsoft |
|
|
|
- vendor: Microsoft |
|
|
|
product: Azure Traffic Manager |
|
|
|
product: Azure Traffic Manager |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -1883,7 +1881,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Microsoft |
|
|
|
- vendor: Microsoft |
|
|
|
product: Team Foundation Server |
|
|
|
product: Team Foundation Server |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -1913,7 +1911,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Microstrategy |
|
|
|
- vendor: Microstrategy |
|
|
|
product: '' |
|
|
|
product: '' |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -2000,7 +1998,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Milestone sys |
|
|
|
- vendor: Milestone sys |
|
|
|
product: '' |
|
|
|
product: '' |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -2029,7 +2027,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Mimecast |
|
|
|
- vendor: Mimecast |
|
|
|
product: '' |
|
|
|
product: '' |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -2058,7 +2056,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Minecraft |
|
|
|
- vendor: Minecraft |
|
|
|
product: '' |
|
|
|
product: '' |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -2087,7 +2085,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Mirantis |
|
|
|
- vendor: Mirantis |
|
|
|
product: '' |
|
|
|
product: '' |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -2116,7 +2114,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Miro |
|
|
|
- vendor: Miro |
|
|
|
product: '' |
|
|
|
product: '' |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -2145,7 +2143,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Mitel |
|
|
|
- vendor: Mitel |
|
|
|
product: '' |
|
|
|
product: '' |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -2174,7 +2172,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: MMM Group |
|
|
|
- vendor: MMM Group |
|
|
|
product: Control software of all MMM series |
|
|
|
product: Control software of all MMM series |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -2233,143 +2231,6 @@ software: |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-05T00:00:00' |
|
|
|
last_updated: '2022-01-05T00:00:00' |
|
|
|
- vendor: MobileIron |
|
|
|
|
|
|
|
product: Core |
|
|
|
|
|
|
|
cves: |
|
|
|
|
|
|
|
cve-2021-4104: |
|
|
|
|
|
|
|
investigated: false |
|
|
|
|
|
|
|
affected_versions: [] |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
cve-2021-44228: |
|
|
|
|
|
|
|
investigated: true |
|
|
|
|
|
|
|
affected_versions: |
|
|
|
|
|
|
|
- All Versions |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
cve-2021-45046: |
|
|
|
|
|
|
|
investigated: false |
|
|
|
|
|
|
|
affected_versions: [] |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
cve-2021-45105: |
|
|
|
|
|
|
|
investigated: false |
|
|
|
|
|
|
|
affected_versions: [] |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
vendor_links: |
|
|
|
|
|
|
|
- https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US |
|
|
|
|
|
|
|
notes: The mitigation instructions listed in a subsequent section removes a vulnerable |
|
|
|
|
|
|
|
Java class (JNDILookUp.class) from the affected Log4J Java library and as a |
|
|
|
|
|
|
|
result removes the ability to perform the RCE attack. The workaround needs |
|
|
|
|
|
|
|
to be applied in a maintenance window. You will not be able to access the admin |
|
|
|
|
|
|
|
portal during the procedure, however, end user devices will continue to function. |
|
|
|
|
|
|
|
references: |
|
|
|
|
|
|
|
- '' |
|
|
|
|
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
|
|
|
|
- vendor: MobileIron |
|
|
|
|
|
|
|
product: Core Connector |
|
|
|
|
|
|
|
cves: |
|
|
|
|
|
|
|
cve-2021-4104: |
|
|
|
|
|
|
|
investigated: false |
|
|
|
|
|
|
|
affected_versions: [] |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
cve-2021-44228: |
|
|
|
|
|
|
|
investigated: true |
|
|
|
|
|
|
|
affected_versions: |
|
|
|
|
|
|
|
- All Versions |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
cve-2021-45046: |
|
|
|
|
|
|
|
investigated: false |
|
|
|
|
|
|
|
affected_versions: [] |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
cve-2021-45105: |
|
|
|
|
|
|
|
investigated: false |
|
|
|
|
|
|
|
affected_versions: [] |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
vendor_links: |
|
|
|
|
|
|
|
- https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US |
|
|
|
|
|
|
|
notes: The mitigation instructions listed in a subsequent section removes a vulnerable |
|
|
|
|
|
|
|
Java class (JNDILookUp.class) from the affected Log4J Java library and as a |
|
|
|
|
|
|
|
result removes the ability to perform the RCE attack. The workaround needs |
|
|
|
|
|
|
|
to be applied in a maintenance window. You will not be able to access the admin |
|
|
|
|
|
|
|
portal during the procedure, however, end user devices will continue to function. |
|
|
|
|
|
|
|
references: |
|
|
|
|
|
|
|
- '' |
|
|
|
|
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
|
|
|
|
- vendor: MobileIron |
|
|
|
|
|
|
|
product: Reporting Database (RDB) |
|
|
|
|
|
|
|
cves: |
|
|
|
|
|
|
|
cve-2021-4104: |
|
|
|
|
|
|
|
investigated: false |
|
|
|
|
|
|
|
affected_versions: [] |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
cve-2021-44228: |
|
|
|
|
|
|
|
investigated: true |
|
|
|
|
|
|
|
affected_versions: |
|
|
|
|
|
|
|
- All Versions |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
cve-2021-45046: |
|
|
|
|
|
|
|
investigated: false |
|
|
|
|
|
|
|
affected_versions: [] |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
cve-2021-45105: |
|
|
|
|
|
|
|
investigated: false |
|
|
|
|
|
|
|
affected_versions: [] |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
vendor_links: |
|
|
|
|
|
|
|
- https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US |
|
|
|
|
|
|
|
notes: The mitigation instructions listed in a subsequent section removes a vulnerable |
|
|
|
|
|
|
|
Java class (JNDILookUp.class) from the affected Log4J Java library and as a |
|
|
|
|
|
|
|
result removes the ability to perform the RCE attack. The workaround needs |
|
|
|
|
|
|
|
to be applied in a maintenance window. You will not be able to access the admin |
|
|
|
|
|
|
|
portal during the procedure, however, end user devices will continue to function. |
|
|
|
|
|
|
|
references: |
|
|
|
|
|
|
|
- '' |
|
|
|
|
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
|
|
|
|
- vendor: MobileIron |
|
|
|
|
|
|
|
product: Sentry |
|
|
|
|
|
|
|
cves: |
|
|
|
|
|
|
|
cve-2021-4104: |
|
|
|
|
|
|
|
investigated: false |
|
|
|
|
|
|
|
affected_versions: [] |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
cve-2021-44228: |
|
|
|
|
|
|
|
investigated: true |
|
|
|
|
|
|
|
affected_versions: |
|
|
|
|
|
|
|
- '9.13' |
|
|
|
|
|
|
|
- '9.14' |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
cve-2021-45046: |
|
|
|
|
|
|
|
investigated: false |
|
|
|
|
|
|
|
affected_versions: [] |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
cve-2021-45105: |
|
|
|
|
|
|
|
investigated: false |
|
|
|
|
|
|
|
affected_versions: [] |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
vendor_links: |
|
|
|
|
|
|
|
- https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US |
|
|
|
|
|
|
|
notes: The mitigation instructions listed in a subsequent section removes a vulnerable |
|
|
|
|
|
|
|
Java class (JNDILookUp.class) from the affected Log4J Java library and as a |
|
|
|
|
|
|
|
result removes the ability to perform the RCE attack. The workaround needs |
|
|
|
|
|
|
|
to be applied in a maintenance window. You will not be able to access the admin |
|
|
|
|
|
|
|
portal during the procedure, however, end user devices will continue to function. |
|
|
|
|
|
|
|
references: |
|
|
|
|
|
|
|
- '' |
|
|
|
|
|
|
|
last_updated: '2021-12-20T00:00:00' |
|
|
|
|
|
|
|
- vendor: MongoDB |
|
|
|
- vendor: MongoDB |
|
|
|
product: All other components of MongoDB Atlas (including Atlas Database, Data |
|
|
|
product: All other components of MongoDB Atlas (including Atlas Database, Data |
|
|
|
Lake, Charts) |
|
|
|
Lake, Charts) |
|
|
@ -2399,7 +2260,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: MongoDB |
|
|
|
- vendor: MongoDB |
|
|
|
product: MongoDB Atlas Search |
|
|
|
product: MongoDB Atlas Search |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -2428,7 +2289,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: MongoDB |
|
|
|
- vendor: MongoDB |
|
|
|
product: MongoDB Community Edition (including Community Server, Cloud Manager, |
|
|
|
product: MongoDB Community Edition (including Community Server, Cloud Manager, |
|
|
|
Community Kubernetes Operators) |
|
|
|
Community Kubernetes Operators) |
|
|
@ -2458,7 +2319,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: MongoDB |
|
|
|
- vendor: MongoDB |
|
|
|
product: MongoDB Drivers |
|
|
|
product: MongoDB Drivers |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -2487,7 +2348,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: MongoDB |
|
|
|
- vendor: MongoDB |
|
|
|
product: MongoDB Enterprise Advanced (including Enterprise Server, Ops Manager, |
|
|
|
product: MongoDB Enterprise Advanced (including Enterprise Server, Ops Manager, |
|
|
|
Enterprise Kubernetes Operators) |
|
|
|
Enterprise Kubernetes Operators) |
|
|
@ -2517,7 +2378,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: MongoDB |
|
|
|
- vendor: MongoDB |
|
|
|
product: MongoDB Realm (including Realm Database, Sync, Functions, APIs) |
|
|
|
product: MongoDB Realm (including Realm Database, Sync, Functions, APIs) |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -2546,7 +2407,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: MongoDB |
|
|
|
- vendor: MongoDB |
|
|
|
product: MongoDB Tools (including Compass, Database Shell, VS Code Plugin, Atlas |
|
|
|
product: MongoDB Tools (including Compass, Database Shell, VS Code Plugin, Atlas |
|
|
|
CLI, Database Connectors) |
|
|
|
CLI, Database Connectors) |
|
|
@ -2576,7 +2437,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Moodle |
|
|
|
- vendor: Moodle |
|
|
|
product: '' |
|
|
|
product: '' |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -2605,7 +2466,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: MoogSoft |
|
|
|
- vendor: MoogSoft |
|
|
|
product: '' |
|
|
|
product: '' |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -2634,7 +2495,7 @@ software: |
|
|
|
notes: '' |
|
|
|
notes: '' |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Motorola Avigilon |
|
|
|
- vendor: Motorola Avigilon |
|
|
|
product: '' |
|
|
|
product: '' |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -2664,6 +2525,38 @@ software: |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
|
|
|
|
- vendor: Moxa |
|
|
|
|
|
|
|
product: '' |
|
|
|
|
|
|
|
cves: |
|
|
|
|
|
|
|
cve-2021-4104: |
|
|
|
|
|
|
|
investigated: '' |
|
|
|
|
|
|
|
affected_versions: [] |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
cve-2021-44228: |
|
|
|
|
|
|
|
investigated: true |
|
|
|
|
|
|
|
affected_versions: [] |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: |
|
|
|
|
|
|
|
- All |
|
|
|
|
|
|
|
cve-2021-45046: |
|
|
|
|
|
|
|
investigated: '' |
|
|
|
|
|
|
|
affected_versions: [] |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
cve-2021-45105: |
|
|
|
|
|
|
|
investigated: '' |
|
|
|
|
|
|
|
affected_versions: [] |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
|
|
|
|
unaffected_versions: [] |
|
|
|
|
|
|
|
vendor_links: |
|
|
|
|
|
|
|
- https://www.moxa.com/en/support/product-support/security-advisory/moxa-s-response-regarding-the-apache-log4j-vulnerability |
|
|
|
|
|
|
|
notes: Moxa is investigating to determine if any of our products are affected |
|
|
|
|
|
|
|
by this vulnerability. At the time of publication, none of Moxa's products are |
|
|
|
|
|
|
|
affected. |
|
|
|
|
|
|
|
references: |
|
|
|
|
|
|
|
- '' |
|
|
|
|
|
|
|
last_updated: '2022-01-19T00:00:00' |
|
|
|
- vendor: Mulesoft |
|
|
|
- vendor: Mulesoft |
|
|
|
product: '' |
|
|
|
product: '' |
|
|
|
cves: |
|
|
|
cves: |
|
|
@ -2693,9 +2586,9 @@ software: |
|
|
|
by CISA |
|
|
|
by CISA |
|
|
|
references: |
|
|
|
references: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2022-01-12T07:18:54+00:00' |
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
- vendor: Mulesoft |
|
|
|
- vendor: Mulesoft |
|
|
|
product: Mule Runtime |
|
|
|
product: Anypoint Studio |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -2705,8 +2598,7 @@ software: |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: true |
|
|
|
investigated: true |
|
|
|
affected_versions: |
|
|
|
affected_versions: |
|
|
|
- 3.x |
|
|
|
- 7.x |
|
|
|
- 4.x |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
@ -2727,7 +2619,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-15T00:00:00' |
|
|
|
last_updated: '2021-12-15T00:00:00' |
|
|
|
- vendor: Mulesoft |
|
|
|
- vendor: Mulesoft |
|
|
|
product: Mule Agent |
|
|
|
product: Cloudhub |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -2735,9 +2627,8 @@ software: |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: true |
|
|
|
investigated: false |
|
|
|
affected_versions: |
|
|
|
affected_versions: [] |
|
|
|
- 6.x |
|
|
|
|
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
@ -2758,7 +2649,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-15T00:00:00' |
|
|
|
last_updated: '2021-12-15T00:00:00' |
|
|
|
- vendor: Mulesoft |
|
|
|
- vendor: Mulesoft |
|
|
|
product: Cloudhub |
|
|
|
product: Mule Agent |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -2766,8 +2657,9 @@ software: |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: false |
|
|
|
investigated: true |
|
|
|
affected_versions: [] |
|
|
|
affected_versions: |
|
|
|
|
|
|
|
- 6.x |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
@ -2788,7 +2680,7 @@ software: |
|
|
|
- '' |
|
|
|
- '' |
|
|
|
last_updated: '2021-12-15T00:00:00' |
|
|
|
last_updated: '2021-12-15T00:00:00' |
|
|
|
- vendor: Mulesoft |
|
|
|
- vendor: Mulesoft |
|
|
|
product: Anypoint Studio |
|
|
|
product: Mule Runtime |
|
|
|
cves: |
|
|
|
cves: |
|
|
|
cve-2021-4104: |
|
|
|
cve-2021-4104: |
|
|
|
investigated: false |
|
|
|
investigated: false |
|
|
@ -2798,7 +2690,8 @@ software: |
|
|
|
cve-2021-44228: |
|
|
|
cve-2021-44228: |
|
|
|
investigated: true |
|
|
|
investigated: true |
|
|
|
affected_versions: |
|
|
|
affected_versions: |
|
|
|
- 7.x |
|
|
|
- 3.x |
|
|
|
|
|
|
|
- 4.x |
|
|
|
fixed_versions: [] |
|
|
|
fixed_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
unaffected_versions: [] |
|
|
|
cve-2021-45046: |
|
|
|
cve-2021-45046: |
|
|
|