1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-22 08:30:48 +00:00

Update E products

This commit is contained in:
justmurphy 2022-02-08 14:24:37 -05:00 committed by GitHub
parent cbbbf5f096
commit 42b0cab510
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -5,7 +5,7 @@ owners:
url: https://github.com/cisagov/log4j-affected-db url: https://github.com/cisagov/log4j-affected-db
software: software:
- vendor: EasyRedmine - vendor: EasyRedmine
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -34,7 +34,7 @@ software:
- '' - ''
last_updated: '2022-01-12T07:18:50+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Eaton - vendor: Eaton
product: Undisclosed product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -42,9 +42,8 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: false
affected_versions: affected_versions: []
- Undisclosed
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -59,14 +58,12 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-Security-Bulletin%20log4j_CVE_2021_44228_v1.0_Legal-Approved.pdf - https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-Security-Bulletin%20log4j_CVE_2021_44228_v1.0_Legal-Approved.pdf
notes: Doesn't openly disclose what products are affected or not for quote 'security notes: For security purposes direct notifications are being made to impacted customers. Please stay tuned for more updates.
purposes'. Needs email registration. No workaround provided due to registration
wall.
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:50+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: EclecticIQ - vendor: EclecticIQ
product: '' product: TIP
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -74,8 +71,9 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions:
- '< 2.11'
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
@ -90,12 +88,15 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://docs.eclecticiq.com/security-advisories/security-issues-and-mitigation-actions/eiq-2021-0016-2 - https://docs.eclecticiq.com/security-advisories/security-issues-and-mitigation-actions/eiq-2021-0016-2
notes: '' notes: This advisory is available to customer only and has not been reviewed by CISA.
The Threat Intel Platform includes Neo4j 3.5.12 (not vulnerable) and Elasticsearch
and Logstash OSS 7.9.1 (vulnerable) see Elasticsearch below for mitigation.
See link in their own fix for Logstash (Support account needed, ongoing investigation)
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:50+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Eclipse Foundation - vendor: Eclipse Foundation
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -124,7 +125,7 @@ software:
- '' - ''
last_updated: '2022-01-12T07:18:50+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Edwards - vendor: Edwards
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -132,10 +133,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- ''
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -153,7 +155,7 @@ software:
- '' - ''
last_updated: '2022-01-06T00:00:00' last_updated: '2022-01-06T00:00:00'
- vendor: EFI - vendor: EFI
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -182,7 +184,7 @@ software:
- '' - ''
last_updated: '2022-01-12T07:18:50+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: EGroupware - vendor: EGroupware
product: '' product: All
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false