r3pek/log4j-affected-db
1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-22 16:40:48 +00:00
Code Releases Activity

Merge branch 'develop' into dependabot/github_actions/lewagon/wait-on-check-action-1.1.1

Browse source
This commit is contained in:
Nick 2022-02-25 12:07:01 -05:00 committed by GitHub
commit 398415eb33
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
36 changed files with 95230 additions and 20622 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
.github/dependabot.yml vendored
View file

@ -1,5 +1,10 @@
--- ---
# Any ignore directives should be uncommented in downstream projects to disable
# Dependabot updates for the given dependency. Downstream projects will get
# these updates when the pull request(s) in the appropriate skeleton are merged
# and Lineage processes these changes.
version: 2 version: 2
updates: updates:
- package-ecosystem: "github-actions" - package-ecosystem: "github-actions"

8
.github/workflows/update_software_list.yml vendored
View file

@ -68,6 +68,12 @@ jobs:
run: pip install --upgrade --requirement config/requirements.txt run: pip install --upgrade --requirement config/requirements.txt
- name: Create the branch for test validation - name: Create the branch for test validation
run: git switch --create ${{ needs.setup.outputs.testing_branch }} run: git switch --create ${{ needs.setup.outputs.testing_branch }}
- name: Normalize individual cisagov_*.yml files
run: |
for file in data/cisagov_*yml; do \
normalize-yml --cisagov-format "$file" > "$file".tmp; \
mv --force "$file".tmp "$file"; \
done
- name: Update the comprehensive cisagov YAML file - name: Update the comprehensive cisagov YAML file
run: normalize-yml --cisagov-format data/cisagov_*.yml > data/cisagov.yml run: normalize-yml --cisagov-format data/cisagov_*.yml > data/cisagov.yml
- name: Generate a normalized YAML file from all source YAML files - name: Generate a normalized YAML file from all source YAML files
@ -84,7 +90,7 @@ jobs:
commit_user_name: ${{ needs.setup.outputs.git_user }} commit_user_name: ${{ needs.setup.outputs.git_user }}
commit_user_email: ${{ needs.setup.outputs.git_email }} commit_user_email: ${{ needs.setup.outputs.git_email }}
commit_author: ${{ needs.setup.outputs.git_author }} commit_author: ${{ needs.setup.outputs.git_author }}
file_pattern: SOFTWARE-LIST.md data/cisagov.yml file_pattern: SOFTWARE-LIST.md data/cisagov*.yml
merge_list_update: merge_list_update:
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: needs:

12
.mdl_config.yaml
View file

@ -44,7 +44,17 @@ MD035:
# Enforce dashes for horizontal rules # Enforce dashes for horizontal rules
style: "---" style: "---"
# MD046/code-block-style Code block style # MD046/code-block-style - Code block style
MD046: MD046:
# Enforce the fenced style for code blocks # Enforce the fenced style for code blocks
style: "fenced" style: "fenced"
# MD049/emphasis-style - Emphasis style should be consistent
MD049:
# Enforce asterisks as the style to use for emphasis
style: "asterisk"
# MD050/strong-style - Strong style should be consistent
MD050:
# Enforce asterisks as the style to use for strong
style: "asterisk"

2
.pre-commit-config.yaml
View file

@ -31,7 +31,7 @@ repos:
# Text file hooks # Text file hooks
- repo: https://github.com/igorshubovych/markdownlint-cli - repo: https://github.com/igorshubovych/markdownlint-cli
rev: v0.30.0 rev: v0.31.1
hooks: hooks:
- id: markdownlint - id: markdownlint
args: args:

6
.yamllint
View file

@ -2,6 +2,12 @@
extends: default extends: default
rules: rules:
# yamllint does not like it when you comment out different parts of
# dictionaries in a list. You can see
# https://github.com/adrienverge/yamllint/issues/384 for some examples of
# this behavior.
comments-indentation: disable
# yamllint doesn't like when we use yes and no for true and false, # yamllint doesn't like when we use yes and no for true and false,
# but that's pretty standard in Ansible. # but that's pretty standard in Ansible.
truthy: disable truthy: disable

2817
SOFTWARE-LIST.md
View file

File diff suppressed because it is too large Load diff

3
config/SOFTWARE-LIST.tpl.md
View file

@ -12,10 +12,11 @@
## Software List ## ## Software List ##
This list was initially populated using information from the following sources: This list has been populated using information from the following sources:
- Kevin Beaumont - Kevin Beaumont
- SwitHak - SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md). [`CONTRIBUTING.md`](CONTRIBUTING.md).

2
config/requirements.txt
View file

@ -1 +1 @@
https://github.com/cisagov/log4j-md-yml/archive/v1.1.0.tar.gz https://github.com/cisagov/log4j-md-yml/archive/v1.1.1.tar.gz

46086
data/cisagov.yml
View file

File diff suppressed because it is too large Load diff

7389
data/cisagov_A.yml
View file

File diff suppressed because it is too large Load diff

2714
data/cisagov_B.yml
View file

File diff suppressed because it is too large Load diff

1512
data/cisagov_C.yml
View file

File diff suppressed because it is too large Load diff

7727
data/cisagov_D.yml
View file

File diff suppressed because it is too large Load diff

6869
data/cisagov_E.yml
View file

File diff suppressed because it is too large Load diff

3524
data/cisagov_F.yml
View file

File diff suppressed because it is too large Load diff

2211
data/cisagov_G.yml
View file

File diff suppressed because it is too large Load diff

1458
data/cisagov_H.yml
View file

File diff suppressed because it is too large Load diff

2705
data/cisagov_I.yml
View file

File diff suppressed because it is too large Load diff

3597
data/cisagov_J.yml
View file

File diff suppressed because it is too large Load diff

609
data/cisagov_K.yml
View file

@ -5,7 +5,7 @@ owners:
url: https://github.com/cisagov/log4j-affected-db url: https://github.com/cisagov/log4j-affected-db
software: software:
- vendor: K15t - vendor: K15t
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -32,9 +32,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: K6 - vendor: K6
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -61,9 +61,69 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kaltura
product: Blackboard Learn SaaS in the classic Learn experience
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- v3900.28.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kaltura.com/help/blackboard-learn-release-notes#blackboard-learn-december-2021-release-notes-v5412
notes: ''
references:
- ''
last_updated: '2021-12-23T07:18:50+00:00'
- vendor: Kaltura
product: Blackboard Learn Self- and Managed-Hosting
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- v3900.26.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kaltura.com/help/blackboard-learn-release-notes#blackboard-learn-december-2021-release-notes-v5412
notes: ''
references:
- ''
last_updated: '2021-12-23T07:18:50+00:00'
- vendor: Karakun - vendor: Karakun
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -90,9 +150,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kaseya - vendor: Kaseya
product: '' product: AuthAnvil
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -100,10 +160,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -119,9 +180,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Keeper Security - vendor: Kaseya
product: '' product: BMS
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -129,10 +190,401 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: ID Agent DarkWeb ID and BullPhish ID
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: IT Glue
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: MyGlue
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Network Glue
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Passly
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: RocketCyber
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Spannign Salesforce Backup
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Spanning O365 Backup
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Unitrends
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Vorex
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: VSA SaaS and VSA On-Premises
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: KeePass
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://sourceforge.net/p/keepass/discussion/329220/thread/4643c5ec4f/?limit=250
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Keeper
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -148,9 +600,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: KEMP - vendor: Kemp
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -176,10 +628,10 @@ software:
- https://support.kemptechnologies.com/hc/en-us/articles/4416430695437-CVE-2021-44228-Log4j2-Exploit - https://support.kemptechnologies.com/hc/en-us/articles/4416430695437-CVE-2021-44228-Log4j2-Exploit
notes: '' notes: ''
references: references:
- '' - '[Additional Link](https://support.kemptechnologies.com/hc/en-us/articles/4416473820045-Progress-Kemp-LoadMaster-protects-from-security-vulnerability-Apache-Log4j-2-CVE-2021-44228-)'
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: KEMP 2 - vendor: Keycloak
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -187,10 +639,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- All
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -202,13 +655,13 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://support.kemptechnologies.com/hc/en-us/articles/4416473820045-Progress-Kemp-LoadMaster-protects-from-security-vulnerability-Apache-Log4j-2-CVE-2021-44228- - https://github.com/keycloak/keycloak/discussions/9078
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kofax - vendor: Kofax
product: '' product: Capture
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -216,10 +669,41 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kofax.com/Capture/Kofax_Capture/Reference/Log4J_Vulnerability_CVE-2021-44228_Does_Not_Affect_Kofax_Capture
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kofax
product: Communication Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 5.3 - 5.5
unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -231,13 +715,74 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://knowledge.kofax.com/MFD_Productivity/SafeCom/Product_Information/SafeCom_and_Log4j_vulnerability_(CVE-2021-44228) - https://knowledge.kofax.com/Communications_Manager/Troubleshooting/log4j_vulnerability_in_Kofax_Communications_Manager
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kofax
product: Robot File System (RFS)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '>=10.7'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kofax.com/Robotic_Process_Automation/Troubleshooting
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kofax
product: Robotic Process Automation (RPA)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '11.1'
- '11.2'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kofax.com/Robotic_Process_Automation/Troubleshooting
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Konica Minolta - vendor: Konica Minolta
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -264,9 +809,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kronos UKG - vendor: Kronos UKG
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -293,9 +838,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kyberna - vendor: Kyberna
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -322,5 +867,5 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
... ...

256
data/cisagov_L.yml
View file

@ -32,7 +32,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: L3Harris Geospatial - vendor: L3Harris Geospatial
product: '' product: ''
cves: cves:
@ -61,7 +61,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lancom Systems - vendor: Lancom Systems
product: '' product: ''
cves: cves:
@ -90,7 +90,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lansweeper - vendor: Lansweeper
product: '' product: ''
cves: cves:
@ -119,7 +119,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Laserfiche - vendor: Laserfiche
product: '' product: ''
cves: cves:
@ -148,7 +148,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LastPass - vendor: LastPass
product: '' product: ''
cves: cves:
@ -177,7 +177,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LaunchDarkly - vendor: LaunchDarkly
product: '' product: ''
cves: cves:
@ -206,7 +206,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Leanix - vendor: Leanix
product: '' product: ''
cves: cves:
@ -235,7 +235,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: Aperio AT2 product: Aperio AT2
cves: cves:
@ -613,35 +613,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-ADVANCE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: BOND Controller product: BOND Controller
cves: cves:
@ -671,64 +642,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-III
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-MAX
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: BOND RX product: BOND RX
cves: cves:
@ -787,6 +700,93 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-ADVANCE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-III
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-MAX
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: CEREBRO product: CEREBRO
cves: cves:
@ -2415,7 +2415,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Let's Encrypt - vendor: Let's Encrypt
product: '' product: ''
cves: cves:
@ -2444,7 +2444,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LibreNMS - vendor: LibreNMS
product: '' product: ''
cves: cves:
@ -2473,7 +2473,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LifeRay - vendor: LifeRay
product: '' product: ''
cves: cves:
@ -2502,7 +2502,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LifeSize - vendor: LifeSize
product: '' product: ''
cves: cves:
@ -2531,7 +2531,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lightbend - vendor: Lightbend
product: '' product: ''
cves: cves:
@ -2560,7 +2560,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lime CRM - vendor: Lime CRM
product: '' product: ''
cves: cves:
@ -2589,7 +2589,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LIONGARD - vendor: LIONGARD
product: '' product: ''
cves: cves:
@ -2618,7 +2618,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LiquidFiles - vendor: LiquidFiles
product: '' product: ''
cves: cves:
@ -2647,7 +2647,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LiveAction - vendor: LiveAction
product: '' product: ''
cves: cves:
@ -2676,7 +2676,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Loftware - vendor: Loftware
product: '' product: ''
cves: cves:
@ -2705,7 +2705,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LOGalyze - vendor: LOGalyze
product: SIEM & log analyzer tool product: SIEM & log analyzer tool
cves: cves:
@ -2766,7 +2766,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LogicMonitor - vendor: LogicMonitor
product: LogicMonitor Platform product: LogicMonitor Platform
cves: cves:
@ -2795,7 +2795,37 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Logit.io
product: Logit.io Platform
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://logit.io/blog/post/logit-io-log4shell-security-update
notes: ''
references:
- ''
last_updated: '2022-02-07T07:10:00+00:00'
- vendor: LogMeIn - vendor: LogMeIn
product: '' product: ''
cves: cves:
@ -2824,7 +2854,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LogRhythm - vendor: LogRhythm
product: '' product: ''
cves: cves:
@ -2853,7 +2883,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Looker - vendor: Looker
product: Looker product: Looker
cves: cves:
@ -2888,7 +2918,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LucaNet - vendor: LucaNet
product: '' product: ''
cves: cves:
@ -2917,7 +2947,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lucee - vendor: Lucee
product: '' product: ''
cves: cves:
@ -2946,7 +2976,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lyrasis - vendor: Lyrasis
product: Fedora Repository product: Fedora Repository
cves: cves:

1113
data/cisagov_M.yml
View file

File diff suppressed because it is too large Load diff

110
data/cisagov_N.yml
View file

@ -32,7 +32,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nagios - vendor: Nagios
product: '' product: ''
cves: cves:
@ -61,7 +61,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NAKIVO - vendor: NAKIVO
product: '' product: ''
cves: cves:
@ -90,7 +90,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: National Instruments - vendor: National Instruments
product: OptimalPlus product: OptimalPlus
cves: cves:
@ -102,9 +102,9 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- 'Vertica' - Vertica
- 'Cloudera' - Cloudera
- 'Logstash' - Logstash
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -136,7 +136,7 @@ software:
investigated: true investigated: true
affected_versions: affected_versions:
- '>4.2' - '>4.2'
- '<4..2.12' - <4..2.12
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -182,7 +182,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Netcup - vendor: Netcup
product: '' product: ''
cves: cves:
@ -211,7 +211,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NetGate PFSense - vendor: NetGate PFSense
product: '' product: ''
cves: cves:
@ -240,7 +240,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Netwrix - vendor: Netwrix
product: '' product: ''
cves: cves:
@ -269,7 +269,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: New Relic - vendor: New Relic
product: Containerized Private Minion (CPM) product: Containerized Private Minion (CPM)
cves: cves:
@ -282,7 +282,7 @@ software:
investigated: true investigated: true
affected_versions: [] affected_versions: []
fixed_versions: fixed_versions:
- '3.0.57' - 3.0.57
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -312,7 +312,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- '<7.4.3' - <7.4.3
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -360,7 +360,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nextflow - vendor: Nextflow
product: Nextflow product: Nextflow
cves: cves:
@ -374,7 +374,7 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: unaffected_versions:
- '21.04.0.5552' - 21.04.0.5552
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -448,7 +448,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NinjaRMM - vendor: NinjaRMM
product: '' product: ''
cves: cves:
@ -478,7 +478,7 @@ software:
by CISA by CISA
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nomachine - vendor: Nomachine
product: '' product: ''
cves: cves:
@ -507,7 +507,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NoviFlow - vendor: NoviFlow
product: '' product: ''
cves: cves:
@ -536,7 +536,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab - vendor: Nulab
product: Backlog product: Backlog
cves: cves:
@ -566,7 +566,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab - vendor: Nulab
product: Backlog Enterprise (On-premises) product: Backlog Enterprise (On-premises)
cves: cves:
@ -596,7 +596,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab - vendor: Nulab
product: Cacoo product: Cacoo
cves: cves:
@ -626,7 +626,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab - vendor: Nulab
product: Cacoo Enterprise (On-premises) product: Cacoo Enterprise (On-premises)
cves: cves:
@ -656,7 +656,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab - vendor: Nulab
product: Typetalk product: Typetalk
cves: cves:
@ -686,7 +686,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nutanix - vendor: Nutanix
product: AHV product: AHV
cves: cves:
@ -1342,35 +1342,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix
product: Leap
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
notes: Saas-Based Procuct. See Advisory.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix - vendor: Nutanix
product: LCM product: LCM
cves: cves:
@ -1401,6 +1372,35 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix
product: Leap
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
notes: Saas-Based Procuct. See Advisory.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix - vendor: Nutanix
product: Mine product: Mine
cves: cves:
@ -1758,7 +1758,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NXLog - vendor: NXLog
product: '' product: ''
cves: cves:
@ -1787,5 +1787,5 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
... ...

31
data/cisagov_Non-Alphabet.yml
View file

@ -154,4 +154,35 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:50+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: 7Signal
product: Sapphire
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.7signal.com/info/se-release-notes
notes: Fix released 2021-12-14
references:
- ''
last_updated: '2021-12-14T00:00:00'
... ...

162
data/cisagov_O.yml
View file

@ -32,7 +32,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OCLC - vendor: OCLC
product: '' product: ''
cves: cves:
@ -61,7 +61,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Octopus - vendor: Octopus
product: '' product: ''
cves: cves:
@ -90,7 +90,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Okta - vendor: Okta
product: Advanced Server Access product: Advanced Server Access
cves: cves:
@ -294,6 +294,36 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: Okta
product: Okta On-Prem MFA Agent
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 1.4.6
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Okta - vendor: Okta
product: Okta RADIUS Server Agent product: Okta RADIUS Server Agent
cves: cves:
@ -382,36 +412,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: Okta
product: Okta On-Prem MFA Agent
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 1.4.6
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Onespan - vendor: Onespan
product: '' product: ''
cves: cves:
@ -440,7 +440,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Opengear - vendor: Opengear
product: '' product: ''
cves: cves:
@ -469,7 +469,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenMRS TALK - vendor: OpenMRS TALK
product: '' product: ''
cves: cves:
@ -498,7 +498,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenNMS - vendor: OpenNMS
product: '' product: ''
cves: cves:
@ -527,7 +527,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenSearch - vendor: OpenSearch
product: '' product: ''
cves: cves:
@ -556,7 +556,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenText - vendor: OpenText
product: '' product: ''
cves: cves:
@ -586,37 +586,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-23T00:00:00' last_updated: '2021-12-23T00:00:00'
- vendor: Opto 22
product: GRV-EPIC-PR1, GRV-EPIC-PR2
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 3.3.2
fixed_versions:
- 3.3.2
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit
notes: The Log4j vulnerability affects all products running groov View software
references:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Opto 22 - vendor: Opto 22
product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP
cves: cves:
@ -710,6 +679,37 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-13T00:00:00' last_updated: '2022-01-13T00:00:00'
- vendor: Opto 22
product: GRV-EPIC-PR1, GRV-EPIC-PR2
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 3.3.2
fixed_versions:
- 3.3.2
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit
notes: The Log4j vulnerability affects all products running groov View software
references:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Oracle - vendor: Oracle
product: '' product: ''
cves: cves:
@ -741,7 +741,7 @@ software:
- '' - ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: Oracle - vendor: Oracle
product: Exadata product: Enterprise Manager
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -751,7 +751,8 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- <21.3.4 - '13.5'
- 13.4 & 13.3.2
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -773,7 +774,7 @@ software:
- '' - ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: Oracle - vendor: Oracle
product: Enterprise Manager product: Exadata
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -783,8 +784,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- '13.5' - <21.3.4
- 13.4 & 13.3.2
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -833,7 +833,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Osirium - vendor: Osirium
product: PAM product: PAM
cves: cves:
@ -862,7 +862,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Osirium - vendor: Osirium
product: PEM product: PEM
cves: cves:
@ -891,7 +891,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Osirium - vendor: Osirium
product: PPA product: PPA
cves: cves:
@ -920,7 +920,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OTRS - vendor: OTRS
product: '' product: ''
cves: cves:
@ -949,7 +949,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OVHCloud - vendor: OVHCloud
product: '' product: ''
cves: cves:
@ -978,7 +978,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OwnCloud - vendor: OwnCloud
product: '' product: ''
cves: cves:
@ -1007,7 +1007,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OxygenXML - vendor: OxygenXML
product: Author product: Author
cves: cves:

8103
data/cisagov_P.yml
View file

File diff suppressed because it is too large Load diff

1323
data/cisagov_Q.yml
View file

File diff suppressed because it is too large Load diff

2857
data/cisagov_R.yml
View file

File diff suppressed because it is too large Load diff

4617
data/cisagov_S.yml
View file

File diff suppressed because it is too large Load diff

1568
data/cisagov_T.yml
View file

File diff suppressed because it is too large Load diff

238
data/cisagov_U.yml
View file

@ -33,7 +33,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ubiquiti - vendor: Ubiquiti
product: UniFi Network Controller product: UniFi Network Controller
cves: cves:
@ -93,123 +93,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Umbraco
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: UniFlow
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.uniflow.global/en/security/security-and-maintenance/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Unify ATOS
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://networks.unify.com/security/advisories/OBSO-2112-01.pdf
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Unimus
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forum.unimus.net/viewtopic.php?f=7&t=1390#top
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: UiPath - vendor: UiPath
product: InSights product: InSights
cves: cves:
@ -240,6 +124,122 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
- vendor: Umbraco
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: UniFlow
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.uniflow.global/en/security/security-and-maintenance/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Unify ATOS
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://networks.unify.com/security/advisories/OBSO-2112-01.pdf
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Unimus
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forum.unimus.net/viewtopic.php?f=7&t=1390#top
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: USSIGNAL MSP - vendor: USSIGNAL MSP
product: '' product: ''
cves: cves:
@ -268,5 +268,5 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
... ...

542
data/cisagov_V.yml
View file

@ -4,35 +4,6 @@ owners:
- name: cisagov - name: cisagov
url: https://github.com/cisagov/log4j-affected-db url: https://github.com/cisagov/log4j-affected-db
software: software:
- vendor: VArmour
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Varian - vendor: Varian
product: Acuity product: Acuity
cves: cves:
@ -63,36 +34,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: DITC
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: ARIA Connect (Cloverleaf) product: ARIA Connect (Cloverleaf)
cves: cves:
@ -123,96 +64,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA oncology information system for Medical Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: XMediusFax for ARIA oncology information system for Medical Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA oncology information system for Radiation Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: ARIA eDOC product: ARIA eDOC
cves: cves:
@ -244,7 +95,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: XMediusFax for ARIA oncology information system for Radiation Oncology product: ARIA oncology information system for Medical Oncology
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -252,11 +103,41 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: affected_versions: []
fixed_versions: []
unaffected_versions:
- All - All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA oncology information system for Radiation Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -393,6 +274,36 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: DITC
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: DoseLab product: DoseLab
cves: cves:
@ -573,6 +484,36 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ICAP
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: Identify product: Identify
cves: cves:
@ -694,7 +635,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: ICAP product: Mobius3D platform
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -724,7 +665,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: Mobius3D platform product: PaaS
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -933,36 +874,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: PaaS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: TrueBeam radiotherapy system product: TrueBeam radiotherapy system
cves: cves:
@ -1234,6 +1145,95 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: XMediusFax for ARIA oncology information system for Medical Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: XMediusFax for ARIA oncology information system for Radiation Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: VArmour
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Varnish Software - vendor: Varnish Software
product: '' product: ''
cves: cves:
@ -1262,7 +1262,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Varonis - vendor: Varonis
product: '' product: ''
cves: cves:
@ -1291,7 +1291,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Veeam - vendor: Veeam
product: '' product: ''
cves: cves:
@ -1320,7 +1320,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Venafi - vendor: Venafi
product: '' product: ''
cves: cves:
@ -1349,7 +1349,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Veritas NetBackup - vendor: Veritas NetBackup
product: '' product: ''
cves: cves:
@ -1378,7 +1378,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Vertica - vendor: Vertica
product: '' product: ''
cves: cves:
@ -1408,6 +1408,36 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Video Insight Inc.
product: Video Insight
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://i-pro.com/eu/en/surveillance/news/i-pro-products-and-log4j-2x-vulnerability
notes: Video Insight is a part of Panasonic I-Pro.
references:
- ''
last_updated: '2022-01-19T00:00:00'
- vendor: Viso Trust - vendor: Viso Trust
product: '' product: ''
cves: cves:
@ -1436,7 +1466,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: VMware - vendor: VMware
product: API Portal for VMware Tanzu product: API Portal for VMware Tanzu
cves: cves:
@ -1648,6 +1678,71 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: VMware
product: vCenter Server - OVA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.x
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: vCenter Server - Windows
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware - vendor: VMware
product: VMware Carbon Black Cloud Workload Appliance product: VMware Carbon Black Cloud Workload Appliance
cves: cves:
@ -2261,71 +2356,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: VMware
product: vCenter Server - OVA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.x
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: vCenter Server - Windows
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware - vendor: VMware
product: VMware vRealize Automation product: VMware vRealize Automation
cves: cves:
@ -2584,7 +2614,7 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: unaffected_versions:
- 'All' - All
cve-2021-45046: cve-2021-45046:
investigated: '' investigated: ''
affected_versions: [] affected_versions: []

1207
data/cisagov_W.yml
View file

File diff suppressed because it is too large Load diff

3456
data/cisagov_X.yml
View file

File diff suppressed because it is too large Load diff

482
data/cisagov_Y.yml
View file

@ -4,6 +4,40 @@ owners:
- name: cisagov - name: cisagov
url: https://github.com/cisagov/log4j-affected-db url: https://github.com/cisagov/log4j-affected-db
software: software:
- vendor: Yahoo
product: Vespa
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://blog.vespa.ai/log4j-vulnerability/
notes: Your Vespa application may still be affected if log4j is included in your
application package.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Yellowbrick - vendor: Yellowbrick
product: '' product: ''
cves: cves:
@ -32,9 +66,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: YellowFin - vendor: YellowFin
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -42,9 +76,10 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions:
- 8.0.10.3, 9.7.0.2
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -58,12 +93,44 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2 - https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2
notes: '' notes: v7 and v6 releases are not affected unless you have manually upgraded to
Log4j2.
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Yenlo
product: Connext
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 2.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yenlo.com/news/vulnerability-code-log4shell-log4j2/
notes: Connext Platform (Managed WSO2 Cloud) and all underlying middleware components
are not vulnerable.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: YOKOGAWA - vendor: YOKOGAWA
product: '' product: CENTUM VP
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -87,12 +154,12 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/ - https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: '' notes: Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier.
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: YSoft SAFEQ - vendor: YOKOGAWA
product: '' product: CENTUM VP (other components)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -100,10 +167,342 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier is
still under investigation.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: CI Server
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: Exaopc
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: Exaplog
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: Exaquantum
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: FAST/TOOLS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: PRM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: ProSafe-RS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: ProSafe-RS Lite
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: STARDOM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: VTSPortal
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YSoft
product: SAFEQ 4
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -119,5 +518,66 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-02-01T07:18:50+00:00'
- vendor: YSoft
product: SAFEQ 5
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf
notes: ''
references:
- ''
last_updated: '2022-02-01T07:18:50+00:00'
- vendor: YSoft
product: SAFEQ 6
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- <=6.0.63
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf
notes: ''
references:
- ''
last_updated: '2022-02-01T07:18:50+00:00'
... ...

459
data/cisagov_Z.yml
View file

@ -32,7 +32,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ZAMMAD - vendor: ZAMMAD
product: '' product: ''
cves: cves:
@ -61,7 +61,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zaproxy - vendor: Zaproxy
product: '' product: ''
cves: cves:
@ -90,7 +90,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zebra - vendor: Zebra
product: '' product: ''
cves: cves:
@ -119,7 +119,193 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zeiss
product: Cataract Suite
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 1.3.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: EQ Workplace
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 1.6, 1.8
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: FORUM
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 4.2.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: Glaucoma Workplace
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 3.5.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: Laser Treatment Workplace
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 1.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: Retina Workplace
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 2.5.x, 2.6.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zendesk - vendor: Zendesk
product: All Products product: All Products
cves: cves:
@ -180,7 +366,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zentera Systems, Inc. - vendor: Zentera Systems, Inc.
product: CoIP Access Platform product: CoIP Access Platform
cves: cves:
@ -212,34 +398,137 @@ software:
- '' - ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: Zerto - vendor: Zerto
product: '' product: Cloud Appliance
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45046: cve-2021-45046:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45105: cve-2021-45105:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
vendor_links: vendor_links:
- https://help.zerto.com/kb/000004822 - https://help.zerto.com/kb/000004822
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2021-02-01T00:00:00'
- vendor: Zerto
product: Cloud Manager
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://help.zerto.com/kb/000004822
notes: ''
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zerto
product: Virtual Manager
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://help.zerto.com/kb/000004822
notes: ''
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zerto
product: Virtual Replication Appliance
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://help.zerto.com/kb/000004822
notes: ''
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zesty - vendor: Zesty
product: '' product: ''
cves: cves:
@ -268,7 +557,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zimbra - vendor: Zimbra
product: '' product: ''
cves: cves:
@ -297,7 +586,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zix - vendor: Zix
product: '' product: ''
cves: cves:
@ -327,35 +616,72 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
- vendor: Zoom - vendor: Zoho
product: '' product: Online
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-44228: cve-2021-44228:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45105: cve-2021-45105:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
vendor_links:
- https://help.zoho.com/portal/en/community/topic/update-on-the-recent-apache-log4j-vulnerability
notes: ''
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zoom
product: ''
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links: vendor_links:
- https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache - https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ZPE systems Inc - vendor: ZPE systems Inc
product: '' product: ''
cves: cves:
@ -384,7 +710,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zscaler - vendor: Zscaler
product: See Link (Multiple Products) product: See Link (Multiple Products)
cves: cves:
@ -442,15 +768,82 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zyxel
product: All other products
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Zyxel
product: Netlas Element Management System (EMS)
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions:
- ''
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability
notes: Hotfix availibility Dec. 20 2021. Patch availability in end of Feb. 2022.
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Zyxel - vendor: Zyxel
product: Security Firewall/Gateways product: Security Firewall/Gateways
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: [] affected_versions: []
@ -459,15 +852,17 @@ software:
- ZLD Firmware Security Services - ZLD Firmware Security Services
- Nebula - Nebula
cve-2021-45046: cve-2021-45046:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45105: cve-2021-45105:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
vendor_links: vendor_links:
- https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability - https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability
notes: '' notes: ''