r3pek
/
log4j-affected-db
mirror of https://github.com/cisagov/log4j-affected-db
1
0
Fork 0
Code Releases Activity

Merge branch 'develop' into dependabot/github_actions/lewagon/wait-on-check-action-1.1.1

Browse Source
pull/442/head
Nick 2 years ago committed by GitHub
parent f9f01183a8 5097d37907
commit 398415eb33
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
36 changed files with 99291 additions and 24683 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 5
      .github/dependabot.yml
  2. 8
      .github/workflows/update_software_list.yml
  3. 12
      .mdl_config.yaml
  4. 2
      .pre-commit-config.yaml
  5. 6
      .yamllint
  6. 2817
      SOFTWARE-LIST.md
  7. 3
      config/SOFTWARE-LIST.tpl.md
  8. 2
      config/requirements.txt
  9. 71630
      data/cisagov.yml
  10. 7167
      data/cisagov_A.yml
  11. 2628
      data/cisagov_B.yml
  12. 1058
      data/cisagov_C.yml
  13. 3297
      data/cisagov_D.yml
  14. 3257
      data/cisagov_E.yml
  15. 3448
      data/cisagov_F.yml
  16. 1603
      data/cisagov_G.yml
  17. 930
      data/cisagov_H.yml
  18. 2229
      data/cisagov_I.yml
  19. 2959
      data/cisagov_J.yml
  20. 599
      data/cisagov_K.yml
  21. 94
      data/cisagov_L.yml
  22. 425
      data/cisagov_M.yml
  23. 70
      data/cisagov_N.yml
  24. 31
      data/cisagov_Non-Alphabet.yml
  25. 82
      data/cisagov_O.yml
  26. 8095
      data/cisagov_P.yml
  27. 1175
      data/cisagov_Q.yml
  28. 2857
      data/cisagov_R.yml
  29. 1171
      data/cisagov_S.yml
  30. 364
      data/cisagov_T.yml
  31. 50
      data/cisagov_U.yml
  32. 424
      data/cisagov_V.yml
  33. 1167
      data/cisagov_W.yml
  34. 3374
      data/cisagov_X.yml
  35. 476
      data/cisagov_Y.yml
  36. 459
      data/cisagov_Z.yml

5
.github/dependabot.yml
Unescape View File

@ -1,5 +1,10 @@
--- ---
# Any ignore directives should be uncommented in downstream projects to disable
# Dependabot updates for the given dependency. Downstream projects will get
# these updates when the pull request(s) in the appropriate skeleton are merged
# and Lineage processes these changes.
version: 2 version: 2
updates: updates:
- package-ecosystem: "github-actions" - package-ecosystem: "github-actions"

8
.github/workflows/update_software_list.yml
Unescape View File

@ -68,6 +68,12 @@ jobs:
run: pip install --upgrade --requirement config/requirements.txt run: pip install --upgrade --requirement config/requirements.txt
- name: Create the branch for test validation - name: Create the branch for test validation
run: git switch --create ${{ needs.setup.outputs.testing_branch }} run: git switch --create ${{ needs.setup.outputs.testing_branch }}
- name: Normalize individual cisagov_*.yml files
run: |
for file in data/cisagov_*yml; do \
normalize-yml --cisagov-format "$file" > "$file".tmp; \
mv --force "$file".tmp "$file"; \
done
- name: Update the comprehensive cisagov YAML file - name: Update the comprehensive cisagov YAML file
run: normalize-yml --cisagov-format data/cisagov_*.yml > data/cisagov.yml run: normalize-yml --cisagov-format data/cisagov_*.yml > data/cisagov.yml
- name: Generate a normalized YAML file from all source YAML files - name: Generate a normalized YAML file from all source YAML files
@ -84,7 +90,7 @@ jobs:
commit_user_name: ${{ needs.setup.outputs.git_user }} commit_user_name: ${{ needs.setup.outputs.git_user }}
commit_user_email: ${{ needs.setup.outputs.git_email }} commit_user_email: ${{ needs.setup.outputs.git_email }}
commit_author: ${{ needs.setup.outputs.git_author }} commit_author: ${{ needs.setup.outputs.git_author }}
file_pattern: SOFTWARE-LIST.md data/cisagov.yml file_pattern: SOFTWARE-LIST.md data/cisagov*.yml
merge_list_update: merge_list_update:
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: needs:

12
.mdl_config.yaml
Unescape View File

@ -44,7 +44,17 @@ MD035:
# Enforce dashes for horizontal rules # Enforce dashes for horizontal rules
style: "---" style: "---"
# MD046/code-block-style Code block style # MD046/code-block-style - Code block style
MD046: MD046:
# Enforce the fenced style for code blocks # Enforce the fenced style for code blocks
style: "fenced" style: "fenced"
# MD049/emphasis-style - Emphasis style should be consistent
MD049:
# Enforce asterisks as the style to use for emphasis
style: "asterisk"
# MD050/strong-style - Strong style should be consistent
MD050:
# Enforce asterisks as the style to use for strong
style: "asterisk"

2
.pre-commit-config.yaml
Unescape View File

@ -31,7 +31,7 @@ repos:
# Text file hooks # Text file hooks
- repo: https://github.com/igorshubovych/markdownlint-cli - repo: https://github.com/igorshubovych/markdownlint-cli
rev: v0.30.0 rev: v0.31.1
hooks: hooks:
- id: markdownlint - id: markdownlint
args: args:

6
.yamllint
Unescape View File

@ -2,6 +2,12 @@
extends: default extends: default
rules: rules:
# yamllint does not like it when you comment out different parts of
# dictionaries in a list. You can see
# https://github.com/adrienverge/yamllint/issues/384 for some examples of
# this behavior.
comments-indentation: disable
# yamllint doesn't like when we use yes and no for true and false, # yamllint doesn't like when we use yes and no for true and false,
# but that's pretty standard in Ansible. # but that's pretty standard in Ansible.
truthy: disable truthy: disable

2817
SOFTWARE-LIST.md
View File

File diff suppressed because it is too large Load Diff

3
config/SOFTWARE-LIST.tpl.md
Unescape View File

@ -12,10 +12,11 @@
## Software List ## ## Software List ##
This list was initially populated using information from the following sources: This list has been populated using information from the following sources:
- Kevin Beaumont - Kevin Beaumont
- SwitHak - SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md). [`CONTRIBUTING.md`](CONTRIBUTING.md).

2
config/requirements.txt
Unescape View File

@ -1 +1 @@
https://github.com/cisagov/log4j-md-yml/archive/v1.1.0.tar.gz https://github.com/cisagov/log4j-md-yml/archive/v1.1.1.tar.gz

71630
data/cisagov.yml
View File

File diff suppressed because it is too large Load Diff

7167
data/cisagov_A.yml
View File

File diff suppressed because it is too large Load Diff

2628
data/cisagov_B.yml
View File

File diff suppressed because it is too large Load Diff

1058
data/cisagov_C.yml
View File

File diff suppressed because it is too large Load Diff

3297
data/cisagov_D.yml
View File

File diff suppressed because it is too large Load Diff

3257
data/cisagov_E.yml
View File

File diff suppressed because it is too large Load Diff

3448
data/cisagov_F.yml
View File

File diff suppressed because it is too large Load Diff

1603
data/cisagov_G.yml
View File

File diff suppressed because it is too large Load Diff

930
data/cisagov_H.yml
View File

File diff suppressed because it is too large Load Diff

2229
data/cisagov_I.yml
View File

File diff suppressed because it is too large Load Diff

2959
data/cisagov_J.yml
View File

File diff suppressed because it is too large Load Diff

599
data/cisagov_K.yml
Unescape View File

@ -5,7 +5,7 @@ owners:
url: https://github.com/cisagov/log4j-affected-db url: https://github.com/cisagov/log4j-affected-db
software: software:
- vendor: K15t - vendor: K15t
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -32,9 +32,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: K6 - vendor: K6
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -61,9 +61,69 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kaltura
product: Blackboard Learn SaaS in the classic Learn experience
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- v3900.28.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kaltura.com/help/blackboard-learn-release-notes#blackboard-learn-december-2021-release-notes-v5412
notes: ''
references:
- ''
last_updated: '2021-12-23T07:18:50+00:00'
- vendor: Kaltura
product: Blackboard Learn Self- and Managed-Hosting
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- v3900.26.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kaltura.com/help/blackboard-learn-release-notes#blackboard-learn-december-2021-release-notes-v5412
notes: ''
references:
- ''
last_updated: '2021-12-23T07:18:50+00:00'
- vendor: Karakun - vendor: Karakun
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -90,9 +150,339 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kaseya
product: AuthAnvil
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: BMS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: ID Agent DarkWeb ID and BullPhish ID
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: IT Glue
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: MyGlue
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Network Glue
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Passly
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: RocketCyber
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Spannign Salesforce Backup
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Spanning O365 Backup
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: Unitrends
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya - vendor: Kaseya
product: '' product: Vorex
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -100,10 +490,41 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Kaseya
product: VSA SaaS and VSA On-Premises
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -119,9 +540,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Keeper Security - vendor: KeePass
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -129,10 +550,41 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://sourceforge.net/p/keepass/discussion/329220/thread/4643c5ec4f/?limit=250
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Keeper
product: All
cves:
cve-2021-4104:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -148,9 +600,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: KEMP - vendor: Kemp
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -175,11 +627,41 @@ software:
vendor_links: vendor_links:
- https://support.kemptechnologies.com/hc/en-us/articles/4416430695437-CVE-2021-44228-Log4j2-Exploit - https://support.kemptechnologies.com/hc/en-us/articles/4416430695437-CVE-2021-44228-Log4j2-Exploit
notes: '' notes: ''
references:
- '[Additional Link](https://support.kemptechnologies.com/hc/en-us/articles/4416473820045-Progress-Kemp-LoadMaster-protects-from-security-vulnerability-Apache-Log4j-2-CVE-2021-44228-)'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Keycloak
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://github.com/keycloak/keycloak/discussions/9078
notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: KEMP 2 - vendor: Kofax
product: '' product: Capture
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -187,10 +669,41 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kofax.com/Capture/Kofax_Capture/Reference/Log4J_Vulnerability_CVE-2021-44228_Does_Not_Affect_Kofax_Capture
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kofax
product: Communication Manager
cves:
cve-2021-4104:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 5.3 - 5.5
unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -202,13 +715,13 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://support.kemptechnologies.com/hc/en-us/articles/4416473820045-Progress-Kemp-LoadMaster-protects-from-security-vulnerability-Apache-Log4j-2-CVE-2021-44228- - https://knowledge.kofax.com/Communications_Manager/Troubleshooting/log4j_vulnerability_in_Kofax_Communications_Manager
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kofax - vendor: Kofax
product: '' product: Robot File System (RFS)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -216,10 +729,42 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '>=10.7'
unaffected_versions: []
cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.kofax.com/Robotic_Process_Automation/Troubleshooting
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kofax
product: Robotic Process Automation (RPA)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '11.1'
- '11.2'
unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -231,13 +776,13 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://knowledge.kofax.com/MFD_Productivity/SafeCom/Product_Information/SafeCom_and_Log4j_vulnerability_(CVE-2021-44228) - https://knowledge.kofax.com/Robotic_Process_Automation/Troubleshooting
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Konica Minolta - vendor: Konica Minolta
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -264,9 +809,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kronos UKG - vendor: Kronos UKG
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -293,9 +838,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kyberna - vendor: Kyberna
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -322,5 +867,5 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
... ...

94
data/cisagov_L.yml
Unescape View File

@ -32,7 +32,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: L3Harris Geospatial - vendor: L3Harris Geospatial
product: '' product: ''
cves: cves:
@ -61,7 +61,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lancom Systems - vendor: Lancom Systems
product: '' product: ''
cves: cves:
@ -90,7 +90,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lansweeper - vendor: Lansweeper
product: '' product: ''
cves: cves:
@ -119,7 +119,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Laserfiche - vendor: Laserfiche
product: '' product: ''
cves: cves:
@ -148,7 +148,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LastPass - vendor: LastPass
product: '' product: ''
cves: cves:
@ -177,7 +177,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LaunchDarkly - vendor: LaunchDarkly
product: '' product: ''
cves: cves:
@ -206,7 +206,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Leanix - vendor: Leanix
product: '' product: ''
cves: cves:
@ -235,7 +235,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: Aperio AT2 product: Aperio AT2
cves: cves:
@ -614,7 +614,7 @@ software:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: BOND-ADVANCE product: BOND Controller
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -643,7 +643,7 @@ software:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: BOND Controller product: BOND RX
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -672,7 +672,7 @@ software:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: BOND-III product: BOND RXm
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -701,7 +701,7 @@ software:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: BOND-MAX product: BOND-ADVANCE
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -730,7 +730,7 @@ software:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: BOND RX product: BOND-III
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -759,7 +759,7 @@ software:
- '' - ''
last_updated: '2021-12-21T00:00:00' last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS - vendor: Leica BIOSYSTEMS
product: BOND RXm product: BOND-MAX
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -2415,7 +2415,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Let's Encrypt - vendor: Let's Encrypt
product: '' product: ''
cves: cves:
@ -2444,7 +2444,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LibreNMS - vendor: LibreNMS
product: '' product: ''
cves: cves:
@ -2473,7 +2473,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LifeRay - vendor: LifeRay
product: '' product: ''
cves: cves:
@ -2502,7 +2502,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LifeSize - vendor: LifeSize
product: '' product: ''
cves: cves:
@ -2531,7 +2531,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lightbend - vendor: Lightbend
product: '' product: ''
cves: cves:
@ -2560,7 +2560,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lime CRM - vendor: Lime CRM
product: '' product: ''
cves: cves:
@ -2589,7 +2589,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LIONGARD - vendor: LIONGARD
product: '' product: ''
cves: cves:
@ -2618,7 +2618,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LiquidFiles - vendor: LiquidFiles
product: '' product: ''
cves: cves:
@ -2647,7 +2647,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LiveAction - vendor: LiveAction
product: '' product: ''
cves: cves:
@ -2676,7 +2676,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Loftware - vendor: Loftware
product: '' product: ''
cves: cves:
@ -2705,7 +2705,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LOGalyze - vendor: LOGalyze
product: SIEM & log analyzer tool product: SIEM & log analyzer tool
cves: cves:
@ -2766,7 +2766,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LogicMonitor - vendor: LogicMonitor
product: LogicMonitor Platform product: LogicMonitor Platform
cves: cves:
@ -2795,7 +2795,37 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Logit.io
product: Logit.io Platform
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://logit.io/blog/post/logit-io-log4shell-security-update
notes: ''
references:
- ''
last_updated: '2022-02-07T07:10:00+00:00'
- vendor: LogMeIn - vendor: LogMeIn
product: '' product: ''
cves: cves:
@ -2824,7 +2854,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LogRhythm - vendor: LogRhythm
product: '' product: ''
cves: cves:
@ -2853,7 +2883,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Looker - vendor: Looker
product: Looker product: Looker
cves: cves:
@ -2888,7 +2918,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LucaNet - vendor: LucaNet
product: '' product: ''
cves: cves:
@ -2917,7 +2947,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lucee - vendor: Lucee
product: '' product: ''
cves: cves:
@ -2946,7 +2976,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lyrasis - vendor: Lyrasis
product: Fedora Repository product: Fedora Repository
cves: cves:

425
data/cisagov_M.yml
Unescape View File

@ -32,7 +32,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Maltego - vendor: Maltego
product: '' product: ''
cves: cves:
@ -61,9 +61,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ManageEngine - vendor: ManageEngine
product: Servicedesk Plus product: AD SelfService Plus
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -72,10 +72,10 @@ software:
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions: []
- 11305 and below
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- Build 6.1 build 6114
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -86,14 +86,13 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links: []
- https://www.manageengine.com/products/service-desk/security-response-plan.html
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-27T00:00:00'
- vendor: ManageEngine - vendor: ManageEngine
product: AD SelfService Plus product: Servicedesk Plus
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -102,10 +101,10 @@ software:
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: [] affected_versions:
- 11305 and below
fixed_versions: [] fixed_versions: []
unaffected_versions: unaffected_versions: []
- Build 6.1 build 6114
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -116,11 +115,12 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: [] vendor_links:
- https://www.manageengine.com/products/service-desk/security-response-plan.html
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2021-12-27T00:00:00' last_updated: '2021-12-15T00:00:00'
- vendor: ManageEngine Zoho - vendor: ManageEngine Zoho
product: '' product: ''
cves: cves:
@ -149,9 +149,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ManageEngine Zoho - vendor: ManageEngine Zoho
product: ADManager Plus product: ADAudit Plus
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -160,8 +160,7 @@ software:
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: false
affected_versions: affected_versions: []
- On-Prem
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -181,7 +180,7 @@ software:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho - vendor: ManageEngine Zoho
product: ADAudit Plus product: ADManager Plus
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -190,8 +189,7 @@ software:
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: false
affected_versions: affected_versions: []
- On-Prem
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -211,7 +209,7 @@ software:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho - vendor: ManageEngine Zoho
product: DataSecurity Plus product: Analytics Plus
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -220,8 +218,7 @@ software:
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: false
affected_versions: affected_versions: []
- On-Prem
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -241,7 +238,7 @@ software:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho - vendor: ManageEngine Zoho
product: EventLog Analyzer product: Cloud Security Plus
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -250,8 +247,7 @@ software:
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: false
affected_versions: affected_versions: []
- On-Prem
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -271,7 +267,7 @@ software:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho - vendor: ManageEngine Zoho
product: M365 Manager Plus product: DataSecurity Plus
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -280,8 +276,7 @@ software:
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: false
affected_versions: affected_versions: []
- On-Prem
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -301,7 +296,7 @@ software:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho - vendor: ManageEngine Zoho
product: RecoveryManager Plus product: EventLog Analyzer
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -310,8 +305,7 @@ software:
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: false
affected_versions: affected_versions: []
- On-Prem
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -340,8 +334,7 @@ software:
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: false
affected_versions: affected_versions: []
- On-Prem
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -370,8 +363,7 @@ software:
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: false
affected_versions: affected_versions: []
- On-Prem
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -400,8 +392,7 @@ software:
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: false
affected_versions: affected_versions: []
- On-Prem
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -421,7 +412,7 @@ software:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho - vendor: ManageEngine Zoho
product: Cloud Security Plus product: M365 Manager Plus
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -430,8 +421,7 @@ software:
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: false
affected_versions: affected_versions: []
- On-Prem
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -460,8 +450,7 @@ software:
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: false
affected_versions: affected_versions: []
- On-Prem
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -481,7 +470,7 @@ software:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
- vendor: ManageEngine Zoho - vendor: ManageEngine Zoho
product: Analytics Plus product: RecoveryManager Plus
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -490,8 +479,7 @@ software:
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: false
affected_versions: affected_versions: []
- On-Prem
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -538,7 +526,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MathWorks - vendor: MathWorks
product: All MathWorks general release desktop or server products product: All MathWorks general release desktop or server products
cves: cves:
@ -581,7 +569,7 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: unaffected_versions:
- 'All' - All
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -656,7 +644,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Mattermost FocalBoard - vendor: Mattermost FocalBoard
product: '' product: ''
cves: cves:
@ -685,7 +673,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: McAfee - vendor: McAfee
product: Data Exchange Layer (DXL) Client product: Data Exchange Layer (DXL) Client
cves: cves:
@ -939,7 +927,7 @@ software:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: McAfee - vendor: McAfee
product: ePolicy Orchestrator Application Server (ePO) product: Enterprise Security Manager (ESM)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -950,7 +938,7 @@ software:
investigated: true investigated: true
affected_versions: [] affected_versions: []
fixed_versions: fixed_versions:
- 5.10 CU11 - 11.5.3
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -997,7 +985,7 @@ software:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: McAfee - vendor: McAfee
product: Host Intrusion Prevention (Host IPS) product: ePolicy Orchestrator Application Server (ePO)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1005,9 +993,10 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions:
- 5.10 CU11
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -1019,13 +1008,14 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: [] vendor_links:
- https://kc.mcafee.com/agent/index?page=content&id=SB10377
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: McAfee - vendor: McAfee
product: Management of Native Encryption (MNE) product: Host Intrusion Prevention (Host IPS)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1053,7 +1043,7 @@ software:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: McAfee - vendor: McAfee
product: McAfee Active Response (MAR) product: Management of Native Encryption (MNE)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1081,7 +1071,7 @@ software:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: McAfee - vendor: McAfee
product: McAfee Agent (MA) product: McAfee Active Response (MAR)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1109,7 +1099,7 @@ software:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: McAfee - vendor: McAfee
product: McAfee Application and Change Control (MACC) for Linux product: McAfee Agent (MA)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1137,7 +1127,7 @@ software:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: McAfee - vendor: McAfee
product: McAfee Application and Change Control (MACC) for Windows product: McAfee Application and Change Control (MACC) for Linux
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1165,7 +1155,7 @@ software:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: McAfee - vendor: McAfee
product: McAfee Client Proxy (MCP) for Mac product: McAfee Application and Change Control (MACC) for Windows
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1193,7 +1183,7 @@ software:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: McAfee - vendor: McAfee
product: McAfee Client Proxy (MCP) for Windows product: McAfee Client Proxy (MCP) for Mac
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1221,7 +1211,7 @@ software:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: McAfee - vendor: McAfee
product: McAfee Drive Encryption (MDE) product: McAfee Client Proxy (MCP) for Windows
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1249,7 +1239,7 @@ software:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: McAfee - vendor: McAfee
product: McAfee Security for Microsoft Exchange (MSME) product: McAfee Drive Encryption (MDE)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1277,7 +1267,7 @@ software:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: McAfee - vendor: McAfee
product: McAfee Security for Microsoft SharePoint (MSMS) product: McAfee Security for Microsoft Exchange (MSME)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1333,7 +1323,7 @@ software:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: McAfee - vendor: McAfee
product: Enterprise Security Manager (ESM) product: McAfee Security for Microsoft SharePoint (MSMS)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1341,10 +1331,9 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: false
affected_versions: [] affected_versions: []
fixed_versions: fixed_versions: []
- 11.5.3
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -1356,8 +1345,7 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links: []
- https://kc.mcafee.com/agent/index?page=content&id=SB10377
notes: '' notes: ''
references: references:
- '' - ''
@ -1561,7 +1549,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MEINBERG - vendor: MEINBERG
product: LANTIME and microSync product: LANTIME and microSync
cves: cves:
@ -1619,7 +1607,7 @@ software:
notes: Project is written in Python notes: Project is written in Python
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Memurai - vendor: Memurai
product: '' product: ''
cves: cves:
@ -1649,8 +1637,8 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:54+00:00'
- vendor: MicroFocus - vendor: Micro Focus
product: '' product: Data Protector
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1658,9 +1646,19 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions:
- '10.20'
- '10.30'
- '10.40'
- '10.50'
- '10.60'
- '10.70'
- '10.80'
- '10.90'
- '10.91'
- '11.00'
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -1673,13 +1671,13 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://portal.microfocus.com/s/customportalsearch?language=en_US&searchtext=CVE-2021-44228 - https://portal.microfocus.com/s/article/KM000003052
notes: '' notes: ''
references: references:
- '' - '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)'
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2021-12-13T00:00:00'
- vendor: Microsoft - vendor: Microsoft
product: Azure Application Gateway product: Azure API Gateway
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1706,9 +1704,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Microsoft - vendor: Microsoft
product: Azure API Gateway product: Azure Application Gateway
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1735,7 +1733,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Microsoft - vendor: Microsoft
product: Azure Data lake store java product: Azure Data lake store java
cves: cves:
@ -1765,7 +1763,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Microsoft - vendor: Microsoft
product: Azure Data lake store java product: Azure Data lake store java
cves: cves:
@ -1795,9 +1793,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Microsoft - vendor: Microsoft
product: Azure DevOps Server product: Azure DevOps
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1805,9 +1803,8 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: false
affected_versions: affected_versions: []
- 2019.0 - 2020.1
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -1825,9 +1822,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Microsoft - vendor: Microsoft
product: Azure DevOps product: Azure DevOps Server
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1835,8 +1832,9 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions:
- 2019.0 - 2020.1
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -1854,7 +1852,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Microsoft - vendor: Microsoft
product: Azure Traffic Manager product: Azure Traffic Manager
cves: cves:
@ -1883,7 +1881,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Microsoft - vendor: Microsoft
product: Team Foundation Server product: Team Foundation Server
cves: cves:
@ -1913,7 +1911,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Microstrategy - vendor: Microstrategy
product: '' product: ''
cves: cves:
@ -2000,7 +1998,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Milestone sys - vendor: Milestone sys
product: '' product: ''
cves: cves:
@ -2029,7 +2027,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Mimecast - vendor: Mimecast
product: '' product: ''
cves: cves:
@ -2058,7 +2056,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Minecraft - vendor: Minecraft
product: '' product: ''
cves: cves:
@ -2087,7 +2085,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Mirantis - vendor: Mirantis
product: '' product: ''
cves: cves:
@ -2116,7 +2114,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Miro - vendor: Miro
product: '' product: ''
cves: cves:
@ -2145,7 +2143,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Mitel - vendor: Mitel
product: '' product: ''
cves: cves:
@ -2174,7 +2172,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MMM Group - vendor: MMM Group
product: Control software of all MMM series product: Control software of all MMM series
cves: cves:
@ -2233,143 +2231,6 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-05T00:00:00' last_updated: '2022-01-05T00:00:00'
- vendor: MobileIron
product: Core
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- All Versions
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
notes: The mitigation instructions listed in a subsequent section removes a vulnerable
Java class (JNDILookUp.class) from the affected Log4J Java library and as a
result removes the ability to perform the RCE attack. The workaround needs
to be applied in a maintenance window. You will not be able to access the admin
portal during the procedure, however, end user devices will continue to function.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: MobileIron
product: Core Connector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- All Versions
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
notes: The mitigation instructions listed in a subsequent section removes a vulnerable
Java class (JNDILookUp.class) from the affected Log4J Java library and as a
result removes the ability to perform the RCE attack. The workaround needs
to be applied in a maintenance window. You will not be able to access the admin
portal during the procedure, however, end user devices will continue to function.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: MobileIron
product: Reporting Database (RDB)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- All Versions
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
notes: The mitigation instructions listed in a subsequent section removes a vulnerable
Java class (JNDILookUp.class) from the affected Log4J Java library and as a
result removes the ability to perform the RCE attack. The workaround needs
to be applied in a maintenance window. You will not be able to access the admin
portal during the procedure, however, end user devices will continue to function.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: MobileIron
product: Sentry
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '9.13'
- '9.14'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
notes: The mitigation instructions listed in a subsequent section removes a vulnerable
Java class (JNDILookUp.class) from the affected Log4J Java library and as a
result removes the ability to perform the RCE attack. The workaround needs
to be applied in a maintenance window. You will not be able to access the admin
portal during the procedure, however, end user devices will continue to function.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: MongoDB - vendor: MongoDB
product: All other components of MongoDB Atlas (including Atlas Database, Data product: All other components of MongoDB Atlas (including Atlas Database, Data
Lake, Charts) Lake, Charts)
@ -2399,7 +2260,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MongoDB - vendor: MongoDB
product: MongoDB Atlas Search product: MongoDB Atlas Search
cves: cves:
@ -2428,7 +2289,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MongoDB - vendor: MongoDB
product: MongoDB Community Edition (including Community Server, Cloud Manager, product: MongoDB Community Edition (including Community Server, Cloud Manager,
Community Kubernetes Operators) Community Kubernetes Operators)
@ -2458,7 +2319,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MongoDB - vendor: MongoDB
product: MongoDB Drivers product: MongoDB Drivers
cves: cves:
@ -2487,7 +2348,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MongoDB - vendor: MongoDB
product: MongoDB Enterprise Advanced (including Enterprise Server, Ops Manager, product: MongoDB Enterprise Advanced (including Enterprise Server, Ops Manager,
Enterprise Kubernetes Operators) Enterprise Kubernetes Operators)
@ -2517,7 +2378,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MongoDB - vendor: MongoDB
product: MongoDB Realm (including Realm Database, Sync, Functions, APIs) product: MongoDB Realm (including Realm Database, Sync, Functions, APIs)
cves: cves:
@ -2546,7 +2407,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MongoDB - vendor: MongoDB
product: MongoDB Tools (including Compass, Database Shell, VS Code Plugin, Atlas product: MongoDB Tools (including Compass, Database Shell, VS Code Plugin, Atlas
CLI, Database Connectors) CLI, Database Connectors)
@ -2576,7 +2437,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Moodle - vendor: Moodle
product: '' product: ''
cves: cves:
@ -2605,7 +2466,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: MoogSoft - vendor: MoogSoft
product: '' product: ''
cves: cves:
@ -2634,7 +2495,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Motorola Avigilon - vendor: Motorola Avigilon
product: '' product: ''
cves: cves:
@ -2664,6 +2525,38 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Moxa
product: ''
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.moxa.com/en/support/product-support/security-advisory/moxa-s-response-regarding-the-apache-log4j-vulnerability
notes: Moxa is investigating to determine if any of our products are affected
by this vulnerability. At the time of publication, none of Moxa's products are
affected.
references:
- ''
last_updated: '2022-01-19T00:00:00'
- vendor: Mulesoft - vendor: Mulesoft
product: '' product: ''
cves: cves:
@ -2693,9 +2586,9 @@ software:
by CISA by CISA
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Mulesoft - vendor: Mulesoft
product: Mule Runtime product: Anypoint Studio
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -2705,8 +2598,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- 3.x - 7.x
- 4.x
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -2727,7 +2619,7 @@ software:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
- vendor: Mulesoft - vendor: Mulesoft
product: Mule Agent product: Cloudhub
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -2735,9 +2627,8 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: false
affected_versions: affected_versions: []
- 6.x
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -2758,7 +2649,7 @@ software:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
- vendor: Mulesoft - vendor: Mulesoft
product: Cloudhub product: Mule Agent
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -2766,8 +2657,9 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions:
- 6.x
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -2788,7 +2680,7 @@ software:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
- vendor: Mulesoft - vendor: Mulesoft
product: Anypoint Studio product: Mule Runtime
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -2798,7 +2690,8 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- 7.x - 3.x
- 4.x
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:

70
data/cisagov_N.yml
Unescape View File

@ -32,7 +32,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nagios - vendor: Nagios
product: '' product: ''
cves: cves:
@ -61,7 +61,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NAKIVO - vendor: NAKIVO
product: '' product: ''
cves: cves:
@ -90,7 +90,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: National Instruments - vendor: National Instruments
product: OptimalPlus product: OptimalPlus
cves: cves:
@ -102,9 +102,9 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- 'Vertica' - Vertica
- 'Cloudera' - Cloudera
- 'Logstash' - Logstash
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -136,7 +136,7 @@ software:
investigated: true investigated: true
affected_versions: affected_versions:
- '>4.2' - '>4.2'
- '<4..2.12' - <4..2.12
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -182,7 +182,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Netcup - vendor: Netcup
product: '' product: ''
cves: cves:
@ -211,7 +211,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NetGate PFSense - vendor: NetGate PFSense
product: '' product: ''
cves: cves:
@ -240,7 +240,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Netwrix - vendor: Netwrix
product: '' product: ''
cves: cves:
@ -269,7 +269,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: New Relic - vendor: New Relic
product: Containerized Private Minion (CPM) product: Containerized Private Minion (CPM)
cves: cves:
@ -282,7 +282,7 @@ software:
investigated: true investigated: true
affected_versions: [] affected_versions: []
fixed_versions: fixed_versions:
- '3.0.57' - 3.0.57
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -312,7 +312,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- '<7.4.3' - <7.4.3
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -360,7 +360,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nextflow - vendor: Nextflow
product: Nextflow product: Nextflow
cves: cves:
@ -374,7 +374,7 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: unaffected_versions:
- '21.04.0.5552' - 21.04.0.5552
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -448,7 +448,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NinjaRMM - vendor: NinjaRMM
product: '' product: ''
cves: cves:
@ -478,7 +478,7 @@ software:
by CISA by CISA
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nomachine - vendor: Nomachine
product: '' product: ''
cves: cves:
@ -507,7 +507,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NoviFlow - vendor: NoviFlow
product: '' product: ''
cves: cves:
@ -536,7 +536,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab - vendor: Nulab
product: Backlog product: Backlog
cves: cves:
@ -566,7 +566,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab - vendor: Nulab
product: Backlog Enterprise (On-premises) product: Backlog Enterprise (On-premises)
cves: cves:
@ -596,7 +596,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab - vendor: Nulab
product: Cacoo product: Cacoo
cves: cves:
@ -626,7 +626,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab - vendor: Nulab
product: Cacoo Enterprise (On-premises) product: Cacoo Enterprise (On-premises)
cves: cves:
@ -656,7 +656,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab - vendor: Nulab
product: Typetalk product: Typetalk
cves: cves:
@ -686,7 +686,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nutanix - vendor: Nutanix
product: AHV product: AHV
cves: cves:
@ -1343,7 +1343,7 @@ software:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix - vendor: Nutanix
product: Leap product: LCM
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1351,10 +1351,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- All
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -1367,12 +1368,12 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
notes: Saas-Based Procuct. See Advisory. notes: ''
references: references:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix - vendor: Nutanix
product: LCM product: Leap
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1380,11 +1381,10 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: unaffected_versions: []
- All
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -1397,7 +1397,7 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
notes: '' notes: Saas-Based Procuct. See Advisory.
references: references:
- '' - ''
last_updated: '2021-12-20T00:00:00' last_updated: '2021-12-20T00:00:00'
@ -1758,7 +1758,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NXLog - vendor: NXLog
product: '' product: ''
cves: cves:
@ -1787,5 +1787,5 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
... ...

31
data/cisagov_Non-Alphabet.yml
Unescape View File

@ -154,4 +154,35 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:50+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: 7Signal
product: Sapphire
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.7signal.com/info/se-release-notes
notes: Fix released 2021-12-14
references:
- ''
last_updated: '2021-12-14T00:00:00'
... ...

82
data/cisagov_O.yml
Unescape View File

@ -32,7 +32,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OCLC - vendor: OCLC
product: '' product: ''
cves: cves:
@ -61,7 +61,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Octopus - vendor: Octopus
product: '' product: ''
cves: cves:
@ -90,7 +90,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Okta - vendor: Okta
product: Advanced Server Access product: Advanced Server Access
cves: cves:
@ -295,7 +295,7 @@ software:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: Okta - vendor: Okta
product: Okta RADIUS Server Agent product: Okta On-Prem MFA Agent
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -305,7 +305,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- < 2.17.0 - < 1.4.6
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -319,13 +319,13 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://trust.okta.com/security-advisories/okta-radius-server-agent-cve-2021-44228 - https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: Okta - vendor: Okta
product: Okta Verify product: Okta RADIUS Server Agent
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -333,8 +333,9 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions:
- < 2.17.0
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -348,13 +349,13 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://sec.okta.com/articles/2021/12/log4shell - https://trust.okta.com/security-advisories/okta-radius-server-agent-cve-2021-44228
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: Okta - vendor: Okta
product: Okta Workflows product: Okta Verify
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -383,7 +384,7 @@ software:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: Okta - vendor: Okta
product: Okta On-Prem MFA Agent product: Okta Workflows
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -391,9 +392,8 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: false
affected_versions: affected_versions: []
- < 1.4.6
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -407,7 +407,7 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228 - https://sec.okta.com/articles/2021/12/log4shell
notes: '' notes: ''
references: references:
- '' - ''
@ -440,7 +440,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Opengear - vendor: Opengear
product: '' product: ''
cves: cves:
@ -469,7 +469,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenMRS TALK - vendor: OpenMRS TALK
product: '' product: ''
cves: cves:
@ -498,7 +498,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenNMS - vendor: OpenNMS
product: '' product: ''
cves: cves:
@ -527,7 +527,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenSearch - vendor: OpenSearch
product: '' product: ''
cves: cves:
@ -556,7 +556,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenText - vendor: OpenText
product: '' product: ''
cves: cves:
@ -587,7 +587,7 @@ software:
- '' - ''
last_updated: '2021-12-23T00:00:00' last_updated: '2021-12-23T00:00:00'
- vendor: Opto 22 - vendor: Opto 22
product: GRV-EPIC-PR1, GRV-EPIC-PR2 product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -597,9 +597,9 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- < 3.3.2 - < 4.3g
fixed_versions: fixed_versions:
- 3.3.2 - 4.3g
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -618,7 +618,7 @@ software:
- '' - ''
last_updated: '2022-01-13T00:00:00' last_updated: '2022-01-13T00:00:00'
- vendor: Opto 22 - vendor: Opto 22
product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP product: GROOV-AT1, GROOV-AT1-SNAP
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -649,7 +649,7 @@ software:
- '' - ''
last_updated: '2022-01-13T00:00:00' last_updated: '2022-01-13T00:00:00'
- vendor: Opto 22 - vendor: Opto 22
product: GROOV-AT1, GROOV-AT1-SNAP product: GROOV-SVR-WIN, GROOV-SVR-WIN-BASE, GROOV-SVR-WIN-SNAP
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -680,7 +680,7 @@ software:
- '' - ''
last_updated: '2022-01-13T00:00:00' last_updated: '2022-01-13T00:00:00'
- vendor: Opto 22 - vendor: Opto 22
product: GROOV-SVR-WIN, GROOV-SVR-WIN-BASE, GROOV-SVR-WIN-SNAP product: GRV-EPIC-PR1, GRV-EPIC-PR2
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -690,9 +690,9 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- < 4.3g - < 3.3.2
fixed_versions: fixed_versions:
- 4.3g - 3.3.2
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
@ -741,7 +741,7 @@ software:
- '' - ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: Oracle - vendor: Oracle
product: Exadata product: Enterprise Manager
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -751,7 +751,8 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- <21.3.4 - '13.5'
- 13.4 & 13.3.2
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -773,7 +774,7 @@ software:
- '' - ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: Oracle - vendor: Oracle
product: Enterprise Manager product: Exadata
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -783,8 +784,7 @@ software:
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: affected_versions:
- '13.5' - <21.3.4
- 13.4 & 13.3.2
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -833,7 +833,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Osirium - vendor: Osirium
product: PAM product: PAM
cves: cves:
@ -862,7 +862,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Osirium - vendor: Osirium
product: PEM product: PEM
cves: cves:
@ -891,7 +891,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Osirium - vendor: Osirium
product: PPA product: PPA
cves: cves:
@ -920,7 +920,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OTRS - vendor: OTRS
product: '' product: ''
cves: cves:
@ -949,7 +949,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OVHCloud - vendor: OVHCloud
product: '' product: ''
cves: cves:
@ -978,7 +978,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OwnCloud - vendor: OwnCloud
product: '' product: ''
cves: cves:
@ -1007,7 +1007,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OxygenXML - vendor: OxygenXML
product: Author product: Author
cves: cves:

8095
data/cisagov_P.yml
View File

File diff suppressed because it is too large Load Diff

1175
data/cisagov_Q.yml
View File

File diff suppressed because it is too large Load Diff

2857
data/cisagov_R.yml
View File

File diff suppressed because it is too large Load Diff

1171
data/cisagov_S.yml
View File

File diff suppressed because it is too large Load Diff

364
data/cisagov_T.yml
View File

File diff suppressed because it is too large Load Diff

50
data/cisagov_U.yml
Unescape View File

@ -33,7 +33,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ubiquiti - vendor: Ubiquiti
product: UniFi Network Controller product: UniFi Network Controller
cves: cves:
@ -93,9 +93,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Umbraco - vendor: UiPath
product: '' product: InSights
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -103,8 +103,9 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions:
- '20.10'
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -118,12 +119,12 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/ - https://www.uipath.com/legal/trust-and-security/cve-2021-44228
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2021-12-15T00:00:00'
- vendor: UniFlow - vendor: Umbraco
product: '' product: ''
cves: cves:
cve-2021-4104: cve-2021-4104:
@ -147,12 +148,12 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://www.uniflow.global/en/security/security-and-maintenance/ - https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Unify ATOS - vendor: UniFlow
product: '' product: ''
cves: cves:
cve-2021-4104: cve-2021-4104:
@ -176,12 +177,12 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://networks.unify.com/security/advisories/OBSO-2112-01.pdf - https://www.uniflow.global/en/security/security-and-maintenance/
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Unimus - vendor: Unify ATOS
product: '' product: ''
cves: cves:
cve-2021-4104: cve-2021-4104:
@ -205,13 +206,13 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://forum.unimus.net/viewtopic.php?f=7&t=1390#top - https://networks.unify.com/security/advisories/OBSO-2112-01.pdf
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: UiPath - vendor: Unimus
product: InSights product: ''
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -219,9 +220,8 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: false
affected_versions: affected_versions: []
- '20.10'
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -235,11 +235,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://www.uipath.com/legal/trust-and-security/cve-2021-44228 - https://forum.unimus.net/viewtopic.php?f=7&t=1390#top
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: USSIGNAL MSP - vendor: USSIGNAL MSP
product: '' product: ''
cves: cves:
@ -268,5 +268,5 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
... ...

424
data/cisagov_V.yml
Unescape View File

@ -4,35 +4,6 @@ owners:
- name: cisagov - name: cisagov
url: https://github.com/cisagov/log4j-affected-db url: https://github.com/cisagov/log4j-affected-db
software: software:
- vendor: VArmour
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Varian - vendor: Varian
product: Acuity product: Acuity
cves: cves:
@ -64,7 +35,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: DITC product: ARIA Connect (Cloverleaf)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -72,11 +43,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: affected_versions: []
- All
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- All
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -94,7 +65,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: ARIA Connect (Cloverleaf) product: ARIA eDOC
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -154,7 +125,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: XMediusFax for ARIA oncology information system for Medical Oncology product: ARIA oncology information system for Radiation Oncology
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -162,11 +133,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: affected_versions: []
- All
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- All
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -184,7 +155,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: ARIA oncology information system for Radiation Oncology product: ARIA Radiation Therapy Management System (RTM)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -214,7 +185,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: ARIA eDOC product: Bravos Console
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -244,7 +215,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: XMediusFax for ARIA oncology information system for Radiation Oncology product: Clinac
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -274,37 +245,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: ARIA Radiation Therapy Management System (RTM) product: Cloud Planner
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Bravos Console
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -334,7 +275,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: Clinac product: DITC
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -364,7 +305,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: Cloud Planner product: DoseLab
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -394,7 +335,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: DoseLab product: Eclipse treatment planning software
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -424,7 +365,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: Eclipse treatment planning software product: ePeerReview
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -432,11 +373,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: false
affected_versions: [] affected_versions:
fixed_versions: []
unaffected_versions:
- All - All
fixed_versions: []
unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -454,7 +395,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: ePeerReview product: Ethos
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -462,11 +403,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: affected_versions: []
- All
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- All
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -484,7 +425,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: Ethos product: FullScale oncology IT solutions
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -492,11 +433,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: false
affected_versions: [] affected_versions:
fixed_versions: []
unaffected_versions:
- All - All
fixed_versions: []
unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -514,7 +455,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: FullScale oncology IT solutions product: Halcyon system
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -544,7 +485,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: Halcyon system product: ICAP
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -552,11 +493,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: affected_versions: []
- All
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- All
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -694,7 +635,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: ICAP product: Mobius3D platform
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -724,7 +665,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: Mobius3D platform product: PaaS
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -934,7 +875,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: PaaS product: TrueBeam radiotherapy system
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -964,7 +905,37 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: TrueBeam radiotherapy system product: UNIQUE system
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Varian Authentication and Identity Server (VAIS)
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -994,7 +965,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: UNIQUE system product: Varian Managed Services Cloud
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1024,7 +995,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: Varian Authentication and Identity Server (VAIS) product: Varian Mobile App
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1036,7 +1007,8 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: unaffected_versions:
- All - '2.0'
- '2.5'
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -1054,7 +1026,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: Varian Managed Services Cloud product: VariSeed
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1062,11 +1034,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: affected_versions: []
- All
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- All
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -1084,7 +1056,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: Varian Mobile App product: Velocity
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1096,8 +1068,7 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: unaffected_versions:
- '2.0' - All
- '2.5'
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -1115,7 +1086,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: VariSeed product: VitalBeam radiotherapy system
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1145,7 +1116,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: Velocity product: Vitesse
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1175,7 +1146,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: VitalBeam radiotherapy system product: XMediusFax for ARIA oncology information system for Medical Oncology
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1183,11 +1154,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: false
affected_versions: [] affected_versions:
fixed_versions: []
unaffected_versions:
- All - All
fixed_versions: []
unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -1205,7 +1176,7 @@ software:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: Varian - vendor: Varian
product: Vitesse product: XMediusFax for ARIA oncology information system for Radiation Oncology
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -1213,11 +1184,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: false
affected_versions: [] affected_versions:
fixed_versions: []
unaffected_versions:
- All - All
fixed_versions: []
unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -1234,6 +1205,35 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: VArmour
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Varnish Software - vendor: Varnish Software
product: '' product: ''
cves: cves:
@ -1262,7 +1262,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Varonis - vendor: Varonis
product: '' product: ''
cves: cves:
@ -1291,7 +1291,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Veeam - vendor: Veeam
product: '' product: ''
cves: cves:
@ -1320,7 +1320,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Venafi - vendor: Venafi
product: '' product: ''
cves: cves:
@ -1349,7 +1349,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Veritas NetBackup - vendor: Veritas NetBackup
product: '' product: ''
cves: cves:
@ -1378,7 +1378,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Vertica - vendor: Vertica
product: '' product: ''
cves: cves:
@ -1408,6 +1408,36 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Video Insight Inc.
product: Video Insight
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://i-pro.com/eu/en/surveillance/news/i-pro-products-and-log4j-2x-vulnerability
notes: Video Insight is a part of Panasonic I-Pro.
references:
- ''
last_updated: '2022-01-19T00:00:00'
- vendor: Viso Trust - vendor: Viso Trust
product: '' product: ''
cves: cves:
@ -1436,7 +1466,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: VMware - vendor: VMware
product: API Portal for VMware Tanzu product: API Portal for VMware Tanzu
cves: cves:
@ -1648,6 +1678,71 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: VMware
product: vCenter Server - OVA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.x
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: vCenter Server - Windows
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware - vendor: VMware
product: VMware Carbon Black Cloud Workload Appliance product: VMware Carbon Black Cloud Workload Appliance
cves: cves:
@ -2261,71 +2356,6 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-12T00:00:00' last_updated: '2021-12-12T00:00:00'
- vendor: VMware
product: vCenter Server - OVA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.x
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: vCenter Server - Windows
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware - vendor: VMware
product: VMware vRealize Automation product: VMware vRealize Automation
cves: cves:
@ -2584,7 +2614,7 @@ software:
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: unaffected_versions:
- 'All' - All
cve-2021-45046: cve-2021-45046:
investigated: '' investigated: ''
affected_versions: [] affected_versions: []

1167
data/cisagov_W.yml
View File

File diff suppressed because it is too large Load Diff

3374
data/cisagov_X.yml
View File

File diff suppressed because it is too large Load Diff

476
data/cisagov_Y.yml
Unescape View File

@ -4,6 +4,40 @@ owners:
- name: cisagov - name: cisagov
url: https://github.com/cisagov/log4j-affected-db url: https://github.com/cisagov/log4j-affected-db
software: software:
- vendor: Yahoo
product: Vespa
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://blog.vespa.ai/log4j-vulnerability/
notes: Your Vespa application may still be affected if log4j is included in your
application package.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Yellowbrick - vendor: Yellowbrick
product: '' product: ''
cves: cves:
@ -32,9 +66,9 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: YellowFin - vendor: YellowFin
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -42,10 +76,42 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 8.0.10.3, 9.7.0.2
unaffected_versions: []
cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2
notes: v7 and v6 releases are not affected unless you have manually upgraded to
Log4j2.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Yenlo
product: Connext
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 2.x
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -57,13 +123,134 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2 - https://www.yenlo.com/news/vulnerability-code-log4shell-log4j2/
notes: Connext Platform (Managed WSO2 Cloud) and all underlying middleware components
are not vulnerable.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: YOKOGAWA
product: CENTUM VP
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: CENTUM VP (other components)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier is
still under investigation.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: CI Server
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA - vendor: YOKOGAWA
product: '' product: Exaopc
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: Exaplog
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -71,10 +258,41 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: Exaquantum
cves:
cve-2021-4104:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -91,8 +309,8 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2021-12-22T00:00:00'
- vendor: YSoft SAFEQ - vendor: YOKOGAWA
product: '' product: FAST/TOOLS
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -100,10 +318,252 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: PRM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: ProSafe-RS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: ProSafe-RS Lite
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: STARDOM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YOKOGAWA
product: VTSPortal
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: YSoft
product: SAFEQ 4
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf
notes: ''
references:
- ''
last_updated: '2022-02-01T07:18:50+00:00'
- vendor: YSoft
product: SAFEQ 5
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf
notes: ''
references:
- ''
last_updated: '2022-02-01T07:18:50+00:00'
- vendor: YSoft
product: SAFEQ 6
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- <=6.0.63
unaffected_versions:
- ''
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -119,5 +579,5 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-02-01T07:18:50+00:00'
... ...

459
data/cisagov_Z.yml
Unescape View File

@ -32,7 +32,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ZAMMAD - vendor: ZAMMAD
product: '' product: ''
cves: cves:
@ -61,7 +61,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zaproxy - vendor: Zaproxy
product: '' product: ''
cves: cves:
@ -90,7 +90,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zebra - vendor: Zebra
product: '' product: ''
cves: cves:
@ -119,7 +119,193 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zeiss
product: Cataract Suite
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 1.3.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: EQ Workplace
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 1.6, 1.8
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: FORUM
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 4.2.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: Glaucoma Workplace
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 3.5.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: Laser Treatment Workplace
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 1.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zeiss
product: Retina Workplace
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 2.5.x, 2.6.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html
notes: Patch is available.
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zendesk - vendor: Zendesk
product: All Products product: All Products
cves: cves:
@ -180,7 +366,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zentera Systems, Inc. - vendor: Zentera Systems, Inc.
product: CoIP Access Platform product: CoIP Access Platform
cves: cves:
@ -212,34 +398,137 @@ software:
- '' - ''
last_updated: '2021-12-17T00:00:00' last_updated: '2021-12-17T00:00:00'
- vendor: Zerto - vendor: Zerto
product: '' product: Cloud Appliance
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45046: cve-2021-45046:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45105: cve-2021-45105:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
vendor_links:
- https://help.zerto.com/kb/000004822
notes: ''
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zerto
product: Cloud Manager
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links: vendor_links:
- https://help.zerto.com/kb/000004822 - https://help.zerto.com/kb/000004822
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2021-02-01T00:00:00'
- vendor: Zerto
product: Virtual Manager
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://help.zerto.com/kb/000004822
notes: ''
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zerto
product: Virtual Replication Appliance
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://help.zerto.com/kb/000004822
notes: ''
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zesty - vendor: Zesty
product: '' product: ''
cves: cves:
@ -268,7 +557,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zimbra - vendor: Zimbra
product: '' product: ''
cves: cves:
@ -297,7 +586,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zix - vendor: Zix
product: '' product: ''
cves: cves:
@ -327,35 +616,72 @@ software:
references: references:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
- vendor: Zoom - vendor: Zoho
product: '' product: Online
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-44228: cve-2021-44228:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45105: cve-2021-45105:
investigated: false investigated: false
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
vendor_links:
- https://help.zoho.com/portal/en/community/topic/update-on-the-recent-apache-log4j-vulnerability
notes: ''
references:
- ''
last_updated: '2021-02-01T00:00:00'
- vendor: Zoom
product: ''
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links: vendor_links:
- https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache - https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ZPE systems Inc - vendor: ZPE systems Inc
product: '' product: ''
cves: cves:
@ -384,7 +710,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zscaler - vendor: Zscaler
product: See Link (Multiple Products) product: See Link (Multiple Products)
cves: cves:
@ -442,15 +768,82 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zyxel - vendor: Zyxel
product: Security Firewall/Gateways product: All other products
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Zyxel
product: Netlas Element Management System (EMS)
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228:
investigated: true
affected_versions:
- ''
fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
vendor_links:
- https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability
notes: Hotfix availibility Dec. 20 2021. Patch availability in end of Feb. 2022.
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Zyxel
product: Security Firewall/Gateways
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-44228: cve-2021-44228:
investigated: true investigated: true
affected_versions: [] affected_versions: []
@ -459,15 +852,17 @@ software:
- ZLD Firmware Security Services - ZLD Firmware Security Services
- Nebula - Nebula
cve-2021-45046: cve-2021-45046:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45105: cve-2021-45105:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
vendor_links: vendor_links:
- https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability - https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability
notes: '' notes: ''

Write Preview
Loading…
Cancel
Save