diff --git a/data/cisagov_J.yml b/data/cisagov_J.yml index d58b98c..cbee29f 100644 --- a/data/cisagov_J.yml +++ b/data/cisagov_J.yml @@ -5,7 +5,7 @@ owners: url: https://github.com/cisagov/log4j-affected-db software: - vendor: Jamasoftware - product: '' + product: All cves: cve-2021-4104: investigated: false @@ -34,7 +34,7 @@ software: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jamf - product: Jamf Pro + product: Jamf Cloud cves: cve-2021-4104: investigated: false @@ -43,9 +43,9 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - 10.31.0 – 10.34.0 - fixed_versions: [] + affected_versions: [] + fixed_versions: + - '' unaffected_versions: [] cve-2021-45046: investigated: false @@ -63,8 +63,8 @@ software: references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Janitza - product: GridVis + - vendor: Jamf + product: Jamf Connect cves: cve-2021-4104: investigated: false @@ -76,7 +76,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 8.0.82 + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -88,13 +88,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.janitza.com/us/gridvis-download.html + - https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html notes: '' references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Jaspersoft - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Jamf + product: Jamf Data Policy cves: cve-2021-4104: investigated: false @@ -102,10 +102,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -117,13 +118,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://community.jaspersoft.com/wiki/apache-log4j-vulnerability-update-jaspersoft-products + - https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Jedox - product: '' + - vendor: Jamf + product: Jamf Health Care Listener cves: cve-2021-4104: investigated: false @@ -131,10 +132,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -146,13 +148,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.jedox.com/en/trust/ + - https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Jenkins - product: CI/CD Core + - vendor: Jamf + product: Jamf Infrastructure Manager cves: cve-2021-4104: investigated: false @@ -160,10 +162,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -174,13 +177,14 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: [] - vendor_links: [] + vendor_links: + - https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Jenkins - product: Plugins + - vendor: Jamf + product: Jamf Now cves: cve-2021-4104: investigated: false @@ -188,10 +192,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -203,14 +208,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/ - notes: '[Instructions to test your installations in announcement](https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/)' + - https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html + notes: '' references: - '' - last_updated: '2021-12-16T00:00:00' - - vendor: JetBrains - product: All .NET tools (ReSharper, Rider, ReSharper C++, dotTrace, dotMemory, - dotCover, dotPeek) + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Jamf + product: Jamf Private Access cves: cve-2021-4104: investigated: false @@ -222,7 +226,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - Unknown + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -234,13 +238,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + - https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Jetbrains - product: Code With Me + - vendor: Jamf + product: Jamf Pro (On-Prem) cves: cve-2021-4104: investigated: false @@ -251,7 +255,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - Unknown + - '10.34.1' unaffected_versions: [] cve-2021-45046: investigated: false @@ -264,13 +268,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + - https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: JetBrains - product: Datalore + - vendor: Jamf + product: Jamf Protect cves: cve-2021-4104: investigated: false @@ -282,7 +286,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - Unknown + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -294,13 +298,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + - https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: JetBrains - product: Floating license server + - vendor: Jamf + product: Jamf School cves: cve-2021-4104: investigated: false @@ -310,9 +314,9 @@ software: cve-2021-44228: investigated: true affected_versions: [] - fixed_versions: - - '30211' - unaffected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -324,13 +328,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + - https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: JetBrains - product: Gateway + - vendor: Jamf + product: Jamf Threat Defense cves: cve-2021-4104: investigated: false @@ -342,7 +346,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - Unknown + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -354,13 +358,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + - https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: JetBrains - product: Hub + - vendor: Janitza + product: GridVis cves: cve-2021-4104: investigated: false @@ -370,9 +374,9 @@ software: cve-2021-44228: investigated: true affected_versions: [] - fixed_versions: - - 2021.1.14080 - unaffected_versions: [] + fixed_versions: [] + unaffected_versions: + - '8.0.82' cve-2021-45046: investigated: false affected_versions: [] @@ -384,15 +388,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://blog.jetbrains.com/hub/2021/12/14/hub-update-regarding-log4j2-vulnerability/ + - https://www.janitza.com/us/gridvis-download.html notes: '' references: - '' - last_updated: '2022-01-12T07:18:50+00:00' - - vendor: JetBrains - product: IntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand, - IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu, - Rider, RubyMine, WebStorm) + last_updated: '2022-01-05T00:00:00' + - vendor: Jaspersoft + product: All cves: cve-2021-4104: investigated: false @@ -400,11 +402,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: - - Unknown + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -416,13 +417,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + - https://community.jaspersoft.com/wiki/apache-log4j-vulnerability-update-jaspersoft-products notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: JetBrains - product: Kotlin + - vendor: Java Melody + product: All cves: cve-2021-4104: investigated: false @@ -432,9 +433,9 @@ software: cve-2021-44228: investigated: true affected_versions: [] - fixed_versions: [] - unaffected_versions: - - Unknown + fixed_versions: + - '1.90.0' + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -446,13 +447,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + - https://github.com/javamelody/javamelody/wiki/ReleaseNotes notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: JetBrains - product: Ktor + - vendor: Jedox + product: All cves: cve-2021-4104: investigated: false @@ -460,11 +461,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: - - Unknown + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -476,13 +476,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + - https://www.jedox.com/en/trust/ notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: JetBrains - product: MPS + - vendor: Jenkins + product: CI cves: cve-2021-4104: investigated: false @@ -494,7 +494,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - Unknown + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -506,13 +506,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + - https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/ notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: JetBrains - product: Space + - vendor: Jenkins + product: CI/CD Core cves: cve-2021-4104: investigated: false @@ -524,7 +524,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - Unknown + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -536,13 +536,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + - https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/ notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: JetBrains - product: TeamCity + - vendor: Jenkins + product: Plugins cves: cve-2021-4104: investigated: false @@ -550,11 +550,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: - - Unknown + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -566,13 +565,14 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://youtrack.jetbrains.com/issue/TW-74298 + - https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/ notes: '' references: - - '' - last_updated: '2022-01-12T07:18:50+00:00' + - '[Instructions to test your installations in announcement](https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/)' + last_updated: '2021-12-16T00:00:00' - vendor: JetBrains - product: ToolBox + product: All .NET tools (ReSharper, Rider, ReSharper C++, dotTrace, dotMemory, + dotCover, dotPeek) cves: cve-2021-4104: investigated: false @@ -584,7 +584,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - Unknown + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -601,8 +601,8 @@ software: references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: JetBrains - product: UpSource + - vendor: Jetbrains + product: Code With Me cves: cve-2021-4104: investigated: false @@ -613,7 +613,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 2020.1.1952 + - '' unaffected_versions: [] cve-2021-45046: investigated: false @@ -632,7 +632,7 @@ software: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains - product: YouTrack InCloud + product: Datalore cves: cve-2021-4104: investigated: false @@ -642,9 +642,9 @@ software: cve-2021-44228: investigated: true affected_versions: [] - fixed_versions: - - Unknown - unaffected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -662,7 +662,7 @@ software: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains - product: YouTrack Standalone + product: Floating License Server cves: cve-2021-4104: investigated: false @@ -673,7 +673,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 2021.4.35970 + - '30241' unaffected_versions: [] cve-2021-45046: investigated: false @@ -686,13 +686,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://blog.jetbrains.com/youtrack/2021/12/youtrack-update-regarding-log4j2-vulnerability/ + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: JFROG - product: '' + - vendor: JetBrains + product: Gateway cves: cve-2021-4104: investigated: false @@ -700,10 +700,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -715,13 +716,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://jfrog.com/knowledge-base/general-jfrog-services-are-not-affected-by-vulnerability-cve-2021-44228/ + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Jitsi - product: '' + - vendor: JetBrains + product: Hub cves: cve-2021-4104: investigated: false @@ -729,9 +730,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] - fixed_versions: [] + fixed_versions: + - '2021.1.14080' unaffected_versions: [] cve-2021-45046: investigated: false @@ -744,13 +746,15 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://github.com/jitsi/security-advisories/blob/4e1ab58585a8a0593efccce77d5d0e22c5338605/advisories/JSA-2021-0004.md + - https://blog.jetbrains.com/hub/2021/12/14/hub-update-regarding-log4j2-vulnerability/ notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Jitterbit - product: '' + - vendor: JetBrains + product: IntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand, + IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu, + Rider, RubyMine, WebStorm) cves: cve-2021-4104: investigated: false @@ -758,10 +762,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -773,13 +778,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://success.jitterbit.com/display/DOC/Mitigating+the+Apache+Log4j2+JNDI+Vulnerability + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Johnson Controls - product: BCPro + - vendor: JetBrains + product: Kotlin cves: cve-2021-4104: investigated: false @@ -791,7 +796,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -803,13 +808,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: CEM AC2000 + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: JetBrains + product: Ktor cves: cve-2021-4104: investigated: false @@ -821,7 +826,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -833,13 +838,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: CEM Hardware Products + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: JetBrains + product: MPS cves: cve-2021-4104: investigated: false @@ -851,7 +856,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -863,13 +868,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: CloudVue Gateway + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: JetBrains + product: Space cves: cve-2021-4104: investigated: false @@ -881,7 +886,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -893,13 +898,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: CloudVue Web + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: JetBrains + product: TeamCity cves: cve-2021-4104: investigated: false @@ -911,7 +916,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -923,13 +928,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + - https://youtrack.jetbrains.com/issue/TW-74298 notes: '' references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: C•CURE‐9000 + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: JetBrains + product: ToolBox cves: cve-2021-4104: investigated: false @@ -941,7 +946,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 2.90.x (all 2.90 versions) + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -953,13 +958,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: C•CURE‐9000 + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: JetBrains + product: UpSource cves: cve-2021-4104: investigated: false @@ -969,9 +974,9 @@ software: cve-2021-44228: investigated: true affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 2.80.x (all 2.80 versions) + fixed_versions: + - '2020.1.1952' + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -983,13 +988,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: C•CURE‐9000 + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: JetBrains + product: YouTrack InCloud cves: cve-2021-4104: investigated: false @@ -999,9 +1004,9 @@ software: cve-2021-44228: investigated: true affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 2.70 (All versions) + fixed_versions: + - '' + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -1013,13 +1018,162 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' - last_updated: '2021-12-21T00:00:00' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: JetBrains + product: YouTrack Standalone + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '2021.4.35970' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/youtrack/2021/12/youtrack-update-regarding-log4j2-vulnerability/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: JFrog + product: All + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://jfrog.com/knowledge-base/general-jfrog-services-are-not-affected-by-vulnerability-cve-2021-44228/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: JGraph + product: DrawIO + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/jgraph/drawio/issues/2490 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Jitsi + product: jitsi-videobridge + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 'v2.1-595-g3637fda42' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/jitsi/security-advisories/blob/4e1ab58585a8a0593efccce77d5d0e22c5338605/advisories/JSA-2021-0004.md + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Jitterbit + product: All + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://success.jitterbit.com/display/DOC/Mitigating+the+Apache+Log4j2+JNDI+Vulnerability + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Johnson Controls - product: C•CURE‐9000 + product: Athena cves: cve-2021-4104: investigated: false @@ -1031,7 +1185,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 2.60 (All versions) + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1049,7 +1203,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: DLS + product: BCPro cves: cve-2021-4104: investigated: false @@ -1061,7 +1215,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1079,7 +1233,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: Entrapass + product: C•CURE Client cves: cve-2021-4104: investigated: false @@ -1091,7 +1245,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1109,7 +1263,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: exacqVision Client + product: C•CURE Server cves: cve-2021-4104: investigated: false @@ -1121,7 +1275,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1139,7 +1293,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: exacqVision Server + product: C•CURE Web cves: cve-2021-4104: investigated: false @@ -1151,7 +1305,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1169,7 +1323,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: exacqVision WebService + product: C•CURE-9000 cves: cve-2021-4104: investigated: false @@ -1181,7 +1335,10 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - '2.90.x' + - '2.80.x' + - '2.70.x' + - '2.60.x' cve-2021-45046: investigated: false affected_versions: [] @@ -1199,7 +1356,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: Facility Explorer + product: CEM AC2000 cves: cve-2021-4104: investigated: false @@ -1211,7 +1368,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 14.x + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1229,7 +1386,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: Illustra Cameras + product: CEM Hardware Products cves: cve-2021-4104: investigated: false @@ -1241,7 +1398,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1259,7 +1416,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: Illustra Insight + product: CK721-A (P2000) cves: cve-2021-4104: investigated: false @@ -1271,7 +1428,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1289,7 +1446,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: iSTAR + product: CloudVue Gateway cves: cve-2021-4104: investigated: false @@ -1301,7 +1458,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1319,7 +1476,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: Metasys Products and Tools + product: CloudVue Web cves: cve-2021-4104: investigated: false @@ -1331,7 +1488,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1349,7 +1506,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: PowerSeries NEO + product: Connect24 cves: cve-2021-4104: investigated: false @@ -1361,7 +1518,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1379,7 +1536,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: PowerSeries Pro + product: Connected Equipment Gateway (CEG) cves: cve-2021-4104: investigated: false @@ -1391,7 +1548,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1409,7 +1566,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: Qolsys IQ Panels + product: DataSource cves: cve-2021-4104: investigated: false @@ -1421,7 +1578,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1439,7 +1596,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: Sur‐Gard Receivers + product: DLS cves: cve-2021-4104: investigated: false @@ -1469,7 +1626,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: Tyco AI + product: Entrapass cves: cve-2021-4104: investigated: false @@ -1481,7 +1638,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All versions + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1499,7 +1656,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: victor + product: exacqVision Client cves: cve-2021-4104: investigated: false @@ -1511,7 +1668,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 5.x + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1529,7 +1686,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: victor/ C•CURE‐9000 Unified + product: exacqVision Server cves: cve-2021-4104: investigated: false @@ -1541,7 +1698,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 3.81.x / victor 5.4.1 / C•CURE‐9000 2.80 + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1559,7 +1716,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: victor/ C•CURE‐9000 Unified + product: exacqVision WebService cves: cve-2021-4104: investigated: false @@ -1571,7 +1728,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 3.91.x / victor 5.6.1 / C•CURE‐9000 2.90 + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1589,7 +1746,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls - product: VideoEdge + product: Facility Explorer cves: cve-2021-4104: investigated: false @@ -1601,7 +1758,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 5.x + - '14.x' cve-2021-45046: investigated: false affected_versions: [] @@ -1618,8 +1775,8 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Journyx - product: '' + - vendor: Johnson Controls + product: Illustra Cameras cves: cve-2021-4104: investigated: false @@ -1627,10 +1784,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1642,13 +1800,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://community.journyx.com/support/solutions/articles/9000209044-apache-log4j-2-vulnerability-cve-2021-44228- + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' - last_updated: '2022-01-12T07:18:50+00:00' - - vendor: jPOS - product: (ISO-8583) bridge + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Illustra Insight cves: cve-2021-4104: investigated: false @@ -1660,7 +1818,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - Unknown + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1672,13 +1830,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://github.com/jpos/jPOS/commit/d615199a1bdd35c35d63c07c10fd0bdbbc96f625 + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' - last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Jump Desktop - product: '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: iSTAR cves: cve-2021-4104: investigated: false @@ -1686,10 +1844,41 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Kantech Entrapass + cves: + cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -1701,13 +1890,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://support.jumpdesktop.com/hc/en-us/articles/4416720395021-Log4j-CVE-2021-44228-CVE-2021-45046-Statement + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' - last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Juniper Networks - product: '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Metasys Products and Tools cves: cve-2021-4104: investigated: false @@ -1715,10 +1904,2165 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: OpenBlue Active Responder + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: OpenBlue Bridge + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: OpenBlue Chiller Utility Plant Optimizer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: OpenBlue Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: OpenBlue Connected Chiller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: OpenBlue Enterprise Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: OpenBlue Location Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: OpenBlue Risk Insight + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: OpenBlue Twin + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: OpenBlue Workplace + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: P2000 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: PowerSeries NEO + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: PowerSeries Pro + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Qolsys IQ Panels + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: RFID Overhead360 Backend + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 'All' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: S321-IP (P2000) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Shoppertrak Analytics (STaN) - Traffic + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Shoppertrak Market Intelligence + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Shoppertrak Perimeter Apps + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Shoppertrak Shopper Journey + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Shoppertrak Video Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Sur‐Gard Receivers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: TrueVue Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Tyco AI + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: victor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '5.x' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: victor/ C•CURE‐9000 Unified + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '3.81.x / victor 5.4.1 / C•CURE‐9000 2.80 and 3.91.x / victor 5.6.1 / C•CURE‐9000 2.90' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: VideoEdge + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '5.x' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Xaap + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Journyx + product: All + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.journyx.com/support/solutions/articles/9000209044-apache-log4j-2-vulnerability-cve-2021-44228- + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: jPOS + product: (ISO-8583) bridge + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/jpos/jPOS/commit/d615199a1bdd35c35d63c07c10fd0bdbbc96f625 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Jump Desktop + product: All + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.jumpdesktop.com/hc/en-us/articles/4416720395021-Log4j-CVE-2021-44228-CVE-2021-45046-Statement + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Advanced Threat Prevention (JATP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: AppFormix + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Apstra System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Apstra System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Connectivity Services Director + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Contrail Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Contrail Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Contrail Networking + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Contrail Service Orchestration + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Cross Provisioning Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: CTPOS and CTPView + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: ICEAAA Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: JATP Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Juniper Identity Management Services (JIMS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Juniper Mist Edge + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Juniper Sky Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Junos OS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Junos OS Evolved + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Junos Space Network Management Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Mist Access Points + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'Any version on AP12, AP21, AP32, AP33, AP34, AP41, AP43, AP45, AP61, AP63' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: MIST - Juniper Networks Marvis Virtual Network Assistant (VNA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: MIST - Juniper Networks Mist AI + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: MIST - Juniper Networks Wi-Fi Assurance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: MIST - Juniper Networks Wired Assurance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Network Director + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Northstar Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Northstar Planner + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Paragon Insights + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '>= 21 version 21.1 ; >= 22 version 22.2' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Paragon Pathfinder + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '>= 21 version 21.1 ; >= 22 version 22.2' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Paragon Planner + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '>= 21 version 21.1 ; >= 22 version 22.2' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Policy Enforcer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Products using Wind River Linux in Junos OS and Junos OS Evolved + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: ScreenOS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: SecIntel + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Secure Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Security Director + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Security Director Insights + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Session Smart Router (Formerly 128T) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Space SDK + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: Standalone Log Collector 20.1 (as also used by Space Security Director) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Juniper Networks + product: User Engagement Virtual BLE + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -1736,7 +4080,7 @@ software: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Justice Systems - product: '' + product: All cves: cve-2021-4104: investigated: false