1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-22 16:40:48 +00:00

Merge branch 'develop' into dependabot/github_actions/lewagon/wait-on-check-action-1.1.1

This commit is contained in:
Nick 2022-02-25 12:07:01 -05:00 committed by GitHub
commit 398415eb33
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
36 changed files with 95230 additions and 20622 deletions

View file

@ -1,5 +1,10 @@
--- ---
# Any ignore directives should be uncommented in downstream projects to disable
# Dependabot updates for the given dependency. Downstream projects will get
# these updates when the pull request(s) in the appropriate skeleton are merged
# and Lineage processes these changes.
version: 2 version: 2
updates: updates:
- package-ecosystem: "github-actions" - package-ecosystem: "github-actions"

View file

@ -68,6 +68,12 @@ jobs:
run: pip install --upgrade --requirement config/requirements.txt run: pip install --upgrade --requirement config/requirements.txt
- name: Create the branch for test validation - name: Create the branch for test validation
run: git switch --create ${{ needs.setup.outputs.testing_branch }} run: git switch --create ${{ needs.setup.outputs.testing_branch }}
- name: Normalize individual cisagov_*.yml files
run: |
for file in data/cisagov_*yml; do \
normalize-yml --cisagov-format "$file" > "$file".tmp; \
mv --force "$file".tmp "$file"; \
done
- name: Update the comprehensive cisagov YAML file - name: Update the comprehensive cisagov YAML file
run: normalize-yml --cisagov-format data/cisagov_*.yml > data/cisagov.yml run: normalize-yml --cisagov-format data/cisagov_*.yml > data/cisagov.yml
- name: Generate a normalized YAML file from all source YAML files - name: Generate a normalized YAML file from all source YAML files
@ -84,7 +90,7 @@ jobs:
commit_user_name: ${{ needs.setup.outputs.git_user }} commit_user_name: ${{ needs.setup.outputs.git_user }}
commit_user_email: ${{ needs.setup.outputs.git_email }} commit_user_email: ${{ needs.setup.outputs.git_email }}
commit_author: ${{ needs.setup.outputs.git_author }} commit_author: ${{ needs.setup.outputs.git_author }}
file_pattern: SOFTWARE-LIST.md data/cisagov.yml file_pattern: SOFTWARE-LIST.md data/cisagov*.yml
merge_list_update: merge_list_update:
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: needs:

View file

@ -44,7 +44,17 @@ MD035:
# Enforce dashes for horizontal rules # Enforce dashes for horizontal rules
style: "---" style: "---"
# MD046/code-block-style Code block style # MD046/code-block-style - Code block style
MD046: MD046:
# Enforce the fenced style for code blocks # Enforce the fenced style for code blocks
style: "fenced" style: "fenced"
# MD049/emphasis-style - Emphasis style should be consistent
MD049:
# Enforce asterisks as the style to use for emphasis
style: "asterisk"
# MD050/strong-style - Strong style should be consistent
MD050:
# Enforce asterisks as the style to use for strong
style: "asterisk"

View file

@ -31,7 +31,7 @@ repos:
# Text file hooks # Text file hooks
- repo: https://github.com/igorshubovych/markdownlint-cli - repo: https://github.com/igorshubovych/markdownlint-cli
rev: v0.30.0 rev: v0.31.1
hooks: hooks:
- id: markdownlint - id: markdownlint
args: args:

View file

@ -2,6 +2,12 @@
extends: default extends: default
rules: rules:
# yamllint does not like it when you comment out different parts of
# dictionaries in a list. You can see
# https://github.com/adrienverge/yamllint/issues/384 for some examples of
# this behavior.
comments-indentation: disable
# yamllint doesn't like when we use yes and no for true and false, # yamllint doesn't like when we use yes and no for true and false,
# but that's pretty standard in Ansible. # but that's pretty standard in Ansible.
truthy: disable truthy: disable

File diff suppressed because it is too large Load diff

View file

@ -12,10 +12,11 @@
## Software List ## ## Software List ##
This list was initially populated using information from the following sources: This list has been populated using information from the following sources:
- Kevin Beaumont - Kevin Beaumont
- SwitHak - SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md). [`CONTRIBUTING.md`](CONTRIBUTING.md).

View file

@ -1 +1 @@
https://github.com/cisagov/log4j-md-yml/archive/v1.1.0.tar.gz https://github.com/cisagov/log4j-md-yml/archive/v1.1.1.tar.gz

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

View file

@ -5,7 +5,7 @@ owners:
url: https://github.com/cisagov/log4j-affected-db url: https://github.com/cisagov/log4j-affected-db
software: software:
- vendor: K15t - vendor: K15t
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -32,9 +32,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: K6 - vendor: K6
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -61,9 +61,69 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kaltura
product: Blackboard Learn SaaS in the classic Learn experience
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- v3900.28.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kaltura.com/help/blackboard-learn-release-notes#blackboard-learn-december-2021-release-notes-v5412
notes: ''
references:
- ''
last_updated: '2021-12-23T07:18:50+00:00'
- vendor: Kaltura
product: Blackboard Learn Self- and Managed-Hosting
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- v3900.26.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kaltura.com/help/blackboard-learn-release-notes#blackboard-learn-december-2021-release-notes-v5412
notes: ''
references:
- ''
last_updated: '2021-12-23T07:18:50+00:00'
- vendor: Karakun - vendor: Karakun
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -90,9 +150,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kaseya - vendor: Kaseya
product: '' product: AuthAnvil
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -100,10 +160,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -119,9 +180,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Keeper Security - vendor: Kaseya
product: '' product: BMS
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -129,10 +190,401 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: ID Agent DarkWeb ID and BullPhish ID
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: IT Glue
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: MyGlue
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Network Glue
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Passly
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: RocketCyber
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Spannign Salesforce Backup
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Spanning O365 Backup
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Unitrends
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Vorex
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: VSA SaaS and VSA On-Premises
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: KeePass
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://sourceforge.net/p/keepass/discussion/329220/thread/4643c5ec4f/?limit=250
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Keeper
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -148,9 +600,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: KEMP - vendor: Kemp
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -176,10 +628,10 @@ software:
- https://support.kemptechnologies.com/hc/en-us/articles/4416430695437-CVE-2021-44228-Log4j2-Exploit - https://support.kemptechnologies.com/hc/en-us/articles/4416430695437-CVE-2021-44228-Log4j2-Exploit
notes: '' notes: ''
references: references:
- '' - '[Additional Link](https://support.kemptechnologies.com/hc/en-us/articles/4416473820045-Progress-Kemp-LoadMaster-protects-from-security-vulnerability-Apache-Log4j-2-CVE-2021-44228-)'
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: KEMP 2 - vendor: Keycloak
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -187,10 +639,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- All
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -202,13 +655,13 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://support.kemptechnologies.com/hc/en-us/articles/4416473820045-Progress-Kemp-LoadMaster-protects-from-security-vulnerability-Apache-Log4j-2-CVE-2021-44228- - https://github.com/keycloak/keycloak/discussions/9078
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kofax - vendor: Kofax
product: '' product: Capture
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -216,10 +669,41 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kofax.com/Capture/Kofax_Capture/Reference/Log4J_Vulnerability_CVE-2021-44228_Does_Not_Affect_Kofax_Capture
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kofax
product: Communication Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 5.3 - 5.5
unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -231,13 +715,74 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://knowledge.kofax.com/MFD_Productivity/SafeCom/Product_Information/SafeCom_and_Log4j_vulnerability_(CVE-2021-44228) - https://knowledge.kofax.com/Communications_Manager/Troubleshooting/log4j_vulnerability_in_Kofax_Communications_Manager
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kofax
product: Robot File System (RFS)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '>=10.7'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kofax.com/Robotic_Process_Automation/Troubleshooting
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kofax
product: Robotic Process Automation (RPA)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '11.1'
- '11.2'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kofax.com/Robotic_Process_Automation/Troubleshooting
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Konica Minolta - vendor: Konica Minolta
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -264,9 +809,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kronos UKG - vendor: Kronos UKG
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -293,9 +838,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kyberna - vendor: Kyberna
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -322,5 +867,5 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
... ...

View file

@ -32,7 +32,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: L3Harris Geospatial - vendor: L3Harris Geospatial
product: '' product: ''
cves: cves:
@ -61,7 +61,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lancom Systems - vendor: Lancom Systems
product: '' product: ''
cves: cves:
@ -90,7 +90,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lansweeper - vendor: Lansweeper
product: '' product: ''
cves: cves:
@ -119,7 +119,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Laserfiche - vendor: Laserfiche
product: '' product: ''
cves: cves:
@ -148,7 +148,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LastPass - vendor: LastPass
product: '' product: ''
cves: cves:
@ -177,7 +177,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LaunchDarkly - vendor: LaunchDarkly
product: '' product: ''
cves: cves:
@ -206,7 +206,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Leanix - vendor: Leanix
product: '' product: ''
cves: cves:
@ -235,7 +235,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: Aperio AT2 product: Aperio AT2
cves: cves:
@ -613,35 +613,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-ADVANCE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: BOND Controller product: BOND Controller
cves: cves:
@ -671,64 +642,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-III
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-MAX
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: BOND RX product: BOND RX
cves: cves:
@ -787,6 +700,93 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-ADVANCE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-III
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-MAX
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: CEREBRO product: CEREBRO
cves: cves:
@ -2415,7 +2415,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Let's Encrypt - vendor: Let's Encrypt
product: '' product: ''
cves: cves:
@ -2444,7 +2444,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LibreNMS - vendor: LibreNMS
product: '' product: ''
cves: cves:
@ -2473,7 +2473,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LifeRay - vendor: LifeRay
product: '' product: ''
cves: cves:
@ -2502,7 +2502,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LifeSize - vendor: LifeSize
product: '' product: ''
cves: cves:
@ -2531,7 +2531,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lightbend - vendor: Lightbend
product: '' product: ''
cves: cves:
@ -2560,7 +2560,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lime CRM - vendor: Lime CRM
product: '' product: ''
cves: cves:
@ -2589,7 +2589,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LIONGARD - vendor: LIONGARD
product: '' product: ''
cves: cves:
@ -2618,7 +2618,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LiquidFiles - vendor: LiquidFiles
product: '' product: ''
cves: cves:
@ -2647,7 +2647,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LiveAction - vendor: LiveAction
product: '' product: ''
cves: cves:
@ -2676,7 +2676,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Loftware - vendor: Loftware
product: '' product: ''
cves: cves:
@ -2705,7 +2705,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LOGalyze - vendor: LOGalyze
product: SIEM & log analyzer tool product: SIEM & log analyzer tool
cves: cves:
@ -2766,7 +2766,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LogicMonitor - vendor: LogicMonitor
product: LogicMonitor Platform product: LogicMonitor Platform
cves: cves:
@ -2795,7 +2795,37 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Logit.io
product: Logit.io Platform
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://logit.io/blog/post/logit-io-log4shell-security-update
notes: ''
references:
- ''
last_updated: '2022-02-07T07:10:00+00:00'
- vendor: LogMeIn - vendor: LogMeIn
product: '' product: ''
cves: cves:
@ -2824,7 +2854,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LogRhythm - vendor: LogRhythm
product: '' product: ''
cves: cves:
@ -2853,7 +2883,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Looker - vendor: Looker
product: Looker product: Looker
cves: cves:
@ -2888,7 +2918,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LucaNet - vendor: LucaNet
product: '' product: ''
cves: cves:
@ -2917,7 +2947,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lucee - vendor: Lucee
product: '' product: ''
cves: cves:
@ -2946,7 +2976,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lyrasis - vendor: Lyrasis
product: Fedora Repository product: Fedora Repository
cves: cves:

File diff suppressed because it is too large Load diff

View file

@ -32,7 +32,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nagios - vendor: Nagios
product: '' product: ''
cves: cves:
@ -61,7 +61,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NAKIVO - vendor: NAKIVO
product: '' product: ''
cves: cves:
@ -90,7 +90,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: National Instruments - vendor: National Instruments
product: OptimalPlus product: OptimalPlus
cves: cves:
@ -102,9 +102,9 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- 'Vertica' - Vertica
- 'Cloudera' - Cloudera
- 'Logstash' - Logstash
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -136,7 +136,7 @@ software:
investigated: true investigated: true
affected_versions: affected_versions:
- '>4.2' - '>4.2'
- '<4..2.12' - <4..2.12
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -182,7 +182,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Netcup - vendor: Netcup
product: '' product: ''
cves: cves:
@ -211,7 +211,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NetGate PFSense - vendor: NetGate PFSense
product: '' product: ''
cves: cves:
@ -240,7 +240,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Netwrix - vendor: Netwrix
product: '' product: ''
cves: cves:
@ -269,7 +269,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: New Relic - vendor: New Relic
product: Containerized Private Minion (CPM) product: Containerized Private Minion (CPM)
cves: cves:
@ -282,7 +282,7 @@ software:
investigated: true investigated: true
affected_versions: [] affected_versions: []
fixed_versions: fixed_versions:
- '3.0.57' - 3.0.57
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -312,7 +312,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- '<7.4.3' - <7.4.3
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -360,7 +360,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nextflow - vendor: Nextflow
product: Nextflow product: Nextflow
cves: cves:
@ -374,7 +374,7 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: unaffected_versions:
- '21.04.0.5552' - 21.04.0.5552
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -448,7 +448,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NinjaRMM - vendor: NinjaRMM
product: '' product: ''
cves: cves:
@ -478,7 +478,7 @@ software:
by CISA by CISA
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nomachine - vendor: Nomachine
product: '' product: ''
cves: cves:
@ -507,7 +507,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NoviFlow - vendor: NoviFlow
product: '' product: ''
cves: cves:
@ -536,7 +536,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab - vendor: Nulab
product: Backlog product: Backlog
cves: cves:
@ -566,7 +566,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab - vendor: Nulab
product: Backlog Enterprise (On-premises) product: Backlog Enterprise (On-premises)
cves: cves:
@ -596,7 +596,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab - vendor: Nulab
product: Cacoo product: Cacoo
cves: cves:
@ -626,7 +626,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab - vendor: Nulab
product: Cacoo Enterprise (On-premises) product: Cacoo Enterprise (On-premises)
cves: cves:
@ -656,7 +656,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab - vendor: Nulab
product: Typetalk product: Typetalk
cves: cves:
@ -686,7 +686,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nutanix - vendor: Nutanix
product: AHV product: AHV
cves: cves:
@ -1342,35 +1342,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix
product: Leap
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
notes: Saas-Based Procuct. See Advisory.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix - vendor: Nutanix
product: LCM product: LCM
cves: cves:
@ -1401,6 +1372,35 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix
product: Leap
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
notes: Saas-Based Procuct. See Advisory.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix - vendor: Nutanix
product: Mine product: Mine
cves: cves:
@ -1758,7 +1758,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NXLog - vendor: NXLog
product: '' product: ''
cves: cves:
@ -1787,5 +1787,5 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
... ...

View file

@ -154,4 +154,35 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:50+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: 7Signal
product: Sapphire
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.7signal.com/info/se-release-notes
notes: Fix released 2021-12-14
references:
- ''
last_updated: '2021-12-14T00:00:00'
... ...

View file

@ -32,7 +32,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OCLC - vendor: OCLC
product: '' product: ''
cves: cves:
@ -61,7 +61,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Octopus - vendor: Octopus
product: '' product: ''
cves: cves:
@ -90,7 +90,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Okta - vendor: Okta
product: Advanced Server Access product: Advanced Server Access
cves: cves:
@ -294,6 +294,36 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: Okta
product: Okta On-Prem MFA Agent
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 1.4.6
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Okta - vendor: Okta
product: Okta RADIUS Server Agent product: Okta RADIUS Server Agent
cves: cves:
@ -382,36 +412,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: Okta
product: Okta On-Prem MFA Agent
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 1.4.6
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Onespan - vendor: Onespan
product: '' product: ''
cves: cves:
@ -440,7 +440,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Opengear - vendor: Opengear
product: '' product: ''
cves: cves:
@ -469,7 +469,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenMRS TALK - vendor: OpenMRS TALK
product: '' product: ''
cves: cves:
@ -498,7 +498,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenNMS - vendor: OpenNMS
product: '' product: ''
cves: cves:
@ -527,7 +527,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenSearch - vendor: OpenSearch
product: '' product: ''
cves: cves:
@ -556,7 +556,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenText - vendor: OpenText
product: '' product: ''
cves: cves:
@ -586,37 +586,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-23T00:00:00' last_updated: '2021-12-23T00:00:00'
- vendor: Opto 22
product: GRV-EPIC-PR1, GRV-EPIC-PR2
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 3.3.2
fixed_versions:
- 3.3.2
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit
notes: The Log4j vulnerability affects all products running groov View software
references:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Opto 22 - vendor: Opto 22
product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP
cves: cves:
@ -710,6 +679,37 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-13T00:00:00' last_updated: '2022-01-13T00:00:00'
- vendor: Opto 22
product: GRV-EPIC-PR1, GRV-EPIC-PR2
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 3.3.2
fixed_versions:
- 3.3.2
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit
notes: The Log4j vulnerability affects all products running groov View software
references:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Oracle - vendor: Oracle
product: '' product: ''
cves: cves:
@ -741,7 +741,7 @@ software:
- '' - ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: Oracle - vendor: Oracle
product: Exadata product: Enterprise Manager
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -751,7 +751,8 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- <21.3.4 - '13.5'
- 13.4 & 13.3.2
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -773,7 +774,7 @@ software:
- '' - ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: Oracle - vendor: Oracle
product: Enterprise Manager product: Exadata
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -783,8 +784,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- '13.5' - <21.3.4
- 13.4 & 13.3.2
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -833,7 +833,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Osirium - vendor: Osirium
product: PAM product: PAM
cves: cves:
@ -862,7 +862,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Osirium - vendor: Osirium
product: PEM product: PEM
cves: cves:
@ -891,7 +891,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Osirium - vendor: Osirium
product: PPA product: PPA
cves: cves:
@ -920,7 +920,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OTRS - vendor: OTRS
product: '' product: ''
cves: cves:
@ -949,7 +949,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OVHCloud - vendor: OVHCloud
product: '' product: ''
cves: cves:
@ -978,7 +978,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OwnCloud - vendor: OwnCloud
product: '' product: ''
cves: cves:
@ -1007,7 +1007,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OxygenXML - vendor: OxygenXML
product: Author product: Author
cves: cves:

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

View file

@ -33,7 +33,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ubiquiti - vendor: Ubiquiti
product: UniFi Network Controller product: UniFi Network Controller
cves: cves:
@ -93,123 +93,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Umbraco
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: UniFlow
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.uniflow.global/en/security/security-and-maintenance/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Unify ATOS
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://networks.unify.com/security/advisories/OBSO-2112-01.pdf
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Unimus
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forum.unimus.net/viewtopic.php?f=7&t=1390#top
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: UiPath - vendor: UiPath
product: InSights product: InSights
cves: cves:
@ -240,6 +124,122 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
- vendor: Umbraco
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: UniFlow
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.uniflow.global/en/security/security-and-maintenance/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Unify ATOS
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://networks.unify.com/security/advisories/OBSO-2112-01.pdf
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Unimus
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forum.unimus.net/viewtopic.php?f=7&t=1390#top
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: USSIGNAL MSP - vendor: USSIGNAL MSP
product: '' product: ''
cves: cves:
@ -268,5 +268,5 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
... ...

View file

@ -4,35 +4,6 @@ owners:
- name: cisagov - name: cisagov
url: https://github.com/cisagov/log4j-affected-db url: https://github.com/cisagov/log4j-affected-db
software: software:
- vendor: VArmour
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Varian - vendor: Varian
product: Acuity product: Acuity
cves: cves:
@ -63,36 +34,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: DITC
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: ARIA Connect (Cloverleaf) product: ARIA Connect (Cloverleaf)
cves: cves:
@ -123,96 +64,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA oncology information system for Medical Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: XMediusFax for ARIA oncology information system for Medical Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA oncology information system for Radiation Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: ARIA eDOC product: ARIA eDOC
cves: cves:
@ -244,7 +95,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: XMediusFax for ARIA oncology information system for Radiation Oncology product: ARIA oncology information system for Medical Oncology
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -252,11 +103,41 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: affected_versions: []
fixed_versions: []
unaffected_versions:
- All - All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA oncology information system for Radiation Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -393,6 +274,36 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: DITC
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: DoseLab product: DoseLab
cves: cves:
@ -573,6 +484,36 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ICAP
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: Identify product: Identify
cves: cves:
@ -694,7 +635,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: ICAP product: Mobius3D platform
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -724,7 +665,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: Mobius3D platform product: PaaS
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -933,36 +874,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: PaaS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: TrueBeam radiotherapy system product: TrueBeam radiotherapy system
cves: cves:
@ -1234,6 +1145,95 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: XMediusFax for ARIA oncology information system for Medical Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: XMediusFax for ARIA oncology information system for Radiation Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: VArmour
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Varnish Software - vendor: Varnish Software
product: '' product: ''
cves: cves:
@ -1262,7 +1262,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Varonis - vendor: Varonis
product: '' product: ''
cves: cves:
@ -1291,7 +1291,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Veeam - vendor: Veeam
product: '' product: ''
cves: cves:
@ -1320,7 +1320,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Venafi - vendor: Venafi
product: '' product: ''
cves: cves:
@ -1349,7 +1349,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Veritas NetBackup - vendor: Veritas NetBackup
product: '' product: ''
cves: cves:
@ -1378,7 +1378,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Vertica - vendor: Vertica
product: '' product: ''
cves: cves:
@ -1408,6 +1408,36 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Video Insight Inc.
product: Video Insight
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://i-pro.com/eu/en/surveillance/news/i-pro-products-and-log4j-2x-vulnerability
notes: Video Insight is a part of Panasonic I-Pro.
references:
- ''
last_updated: '2022-01-19T00:00:00'
- vendor: Viso Trust - vendor: Viso Trust
product: '' product: ''
cves: cves:
@ -1436,7 +1466,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: VMware - vendor: VMware
product: API Portal for VMware Tanzu product: API Portal for VMware Tanzu
cves: cves:
@ -1648,6 +1678,71 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: VMware
product: vCenter Server - OVA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.x
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: vCenter Server - Windows
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware - vendor: VMware
product: VMware Carbon Black Cloud Workload Appliance product: VMware Carbon Black Cloud Workload Appliance
cves: cves:
@ -2261,71 +2356,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: VMware
product: vCenter Server - OVA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.x
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: vCenter Server - Windows
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware - vendor: VMware
product: VMware vRealize Automation product: VMware vRealize Automation
cves: cves:
@ -2584,7 +2614,7 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: unaffected_versions:
- 'All' - All
cve-2021-45046: cve-2021-45046:
investigated: '' investigated: ''
affected_versions: [] affected_versions: []

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

View file

@ -4,6 +4,40 @@ owners:
- name: cisagov - name: cisagov
url: https://github.com/cisagov/log4j-affected-db url: https://github.com/cisagov/log4j-affected-db
software: software:
- vendor: Yahoo
product: Vespa
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://blog.vespa.ai/log4j-vulnerability/
notes: Your Vespa application may still be affected if log4j is included in your
application package.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Yellowbrick - vendor: Yellowbrick
product: '' product: ''
cves: cves:
@ -32,9 +66,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: YellowFin - vendor: YellowFin
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -42,9 +76,10 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions:
- 8.0.10.3, 9.7.0.2
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -58,12 +93,44 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2 - https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2
notes: '' notes: v7 and v6 releases are not affected unless you have manually upgraded to
Log4j2.
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Yenlo
product: Connext
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 2.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yenlo.com/news/vulnerability-code-log4shell-log4j2/
notes: Connext Platform (Managed WSO2 Cloud) and all underlying middleware components
are not vulnerable.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: YOKOGAWA - vendor: YOKOGAWA
product: '' product: CENTUM VP
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -87,12 +154,12 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/ - https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: '' notes: Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier.
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: YSoft SAFEQ - vendor: YOKOGAWA
product: '' product: CENTUM VP (other components)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -100,10 +167,342 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier is
still under investigation.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: CI Server
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: Exaopc
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: Exaplog
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: Exaquantum
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: FAST/TOOLS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: PRM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: ProSafe-RS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: ProSafe-RS Lite
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: STARDOM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: VTSPortal
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YSoft
product: SAFEQ 4
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -119,5 +518,66 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-02-01T07:18:50+00:00'
- vendor: YSoft
product: SAFEQ 5
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf
notes: ''
references:
- ''
last_updated: '2022-02-01T07:18:50+00:00'
- vendor: YSoft
product: SAFEQ 6
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- <=6.0.63
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf
notes: ''
references:
- ''
last_updated: '2022-02-01T07:18:50+00:00'
... ...

View file

@ -32,7 +32,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ZAMMAD - vendor: ZAMMAD
product: '' product: ''
cves: cves:
@ -61,7 +61,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zaproxy - vendor: Zaproxy
product: '' product: ''
cves: cves:
@ -90,7 +90,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zebra - vendor: Zebra
product: '' product: ''
cves: cves:
@ -119,7 +119,193 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zeiss
product: Cataract Suite
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 1.3.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: EQ Workplace
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 1.6, 1.8
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: FORUM
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 4.2.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: Glaucoma Workplace
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 3.5.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: Laser Treatment Workplace
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 1.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: Retina Workplace
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 2.5.x, 2.6.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zendesk - vendor: Zendesk
product: All Products product: All Products
cves: cves:
@ -180,7 +366,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zentera Systems, Inc. - vendor: Zentera Systems, Inc.
product: CoIP Access Platform product: CoIP Access Platform
cves: cves:
@ -212,34 +398,137 @@ software:
- '' - ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: Zerto - vendor: Zerto
product: '' product: Cloud Appliance
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45046: cve-2021-45046:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45105: cve-2021-45105:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
vendor_links: vendor_links:
- https://help.zerto.com/kb/000004822 - https://help.zerto.com/kb/000004822
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2021-02-01T00:00:00'
- vendor: Zerto
product: Cloud Manager
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://help.zerto.com/kb/000004822
notes: ''
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zerto
product: Virtual Manager
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://help.zerto.com/kb/000004822
notes: ''
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zerto
product: Virtual Replication Appliance
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://help.zerto.com/kb/000004822
notes: ''
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zesty - vendor: Zesty
product: '' product: ''
cves: cves:
@ -268,7 +557,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zimbra - vendor: Zimbra
product: '' product: ''
cves: cves:
@ -297,7 +586,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zix - vendor: Zix
product: '' product: ''
cves: cves:
@ -327,35 +616,72 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
- vendor: Zoom - vendor: Zoho
product: '' product: Online
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-44228: cve-2021-44228:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45105: cve-2021-45105:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
vendor_links:
- https://help.zoho.com/portal/en/community/topic/update-on-the-recent-apache-log4j-vulnerability
notes: ''
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zoom
product: ''
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links: vendor_links:
- https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache - https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ZPE systems Inc - vendor: ZPE systems Inc
product: '' product: ''
cves: cves:
@ -384,7 +710,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zscaler - vendor: Zscaler
product: See Link (Multiple Products) product: See Link (Multiple Products)
cves: cves:
@ -442,15 +768,82 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zyxel
product: All other products
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Zyxel
product: Netlas Element Management System (EMS)
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions:
- ''
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability
notes: Hotfix availibility Dec. 20 2021. Patch availability in end of Feb. 2022.
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Zyxel - vendor: Zyxel
product: Security Firewall/Gateways product: Security Firewall/Gateways
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: [] affected_versions: []
@ -459,15 +852,17 @@ software:
- ZLD Firmware Security Services - ZLD Firmware Security Services
- Nebula - Nebula
cve-2021-45046: cve-2021-45046:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45105: cve-2021-45105:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
vendor_links: vendor_links:
- https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability - https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability
notes: '' notes: ''