mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-22 08:30:48 +00:00
Update E products
This commit is contained in:
parent
cbbbf5f096
commit
42b0cab510
1 changed files with 20 additions and 18 deletions
|
@ -5,7 +5,7 @@ owners:
|
||||||
url: https://github.com/cisagov/log4j-affected-db
|
url: https://github.com/cisagov/log4j-affected-db
|
||||||
software:
|
software:
|
||||||
- vendor: EasyRedmine
|
- vendor: EasyRedmine
|
||||||
product: ''
|
product: All
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
@ -34,7 +34,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:50+00:00'
|
last_updated: '2022-01-12T07:18:50+00:00'
|
||||||
- vendor: Eaton
|
- vendor: Eaton
|
||||||
product: Undisclosed
|
product: All
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
@ -42,9 +42,8 @@ software:
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: true
|
investigated: false
|
||||||
affected_versions:
|
affected_versions: []
|
||||||
- Undisclosed
|
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
@ -59,14 +58,12 @@ software:
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
vendor_links:
|
vendor_links:
|
||||||
- https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-Security-Bulletin%20log4j_CVE_2021_44228_v1.0_Legal-Approved.pdf
|
- https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-Security-Bulletin%20log4j_CVE_2021_44228_v1.0_Legal-Approved.pdf
|
||||||
notes: Doesn't openly disclose what products are affected or not for quote 'security
|
notes: For security purposes direct notifications are being made to impacted customers. Please stay tuned for more updates.
|
||||||
purposes'. Needs email registration. No workaround provided due to registration
|
|
||||||
wall.
|
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:50+00:00'
|
last_updated: '2022-01-12T07:18:50+00:00'
|
||||||
- vendor: EclecticIQ
|
- vendor: EclecticIQ
|
||||||
product: ''
|
product: TIP
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
@ -74,8 +71,9 @@ software:
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: false
|
investigated: true
|
||||||
affected_versions: []
|
affected_versions:
|
||||||
|
- '< 2.11'
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
@ -90,12 +88,15 @@ software:
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
vendor_links:
|
vendor_links:
|
||||||
- https://docs.eclecticiq.com/security-advisories/security-issues-and-mitigation-actions/eiq-2021-0016-2
|
- https://docs.eclecticiq.com/security-advisories/security-issues-and-mitigation-actions/eiq-2021-0016-2
|
||||||
notes: ''
|
notes: This advisory is available to customer only and has not been reviewed by CISA.
|
||||||
|
The Threat Intel Platform includes Neo4j 3.5.12 (not vulnerable) and Elasticsearch
|
||||||
|
and Logstash OSS 7.9.1 (vulnerable) see Elasticsearch below for mitigation.
|
||||||
|
See link in their own fix for Logstash (Support account needed, ongoing investigation)
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:50+00:00'
|
last_updated: '2022-01-12T07:18:50+00:00'
|
||||||
- vendor: Eclipse Foundation
|
- vendor: Eclipse Foundation
|
||||||
product: ''
|
product: All
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
@ -124,7 +125,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:50+00:00'
|
last_updated: '2022-01-12T07:18:50+00:00'
|
||||||
- vendor: Edwards
|
- vendor: Edwards
|
||||||
product: ''
|
product: All
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
@ -132,10 +133,11 @@ software:
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: false
|
investigated: true
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: false
|
investigated: false
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
|
@ -153,7 +155,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-06T00:00:00'
|
last_updated: '2022-01-06T00:00:00'
|
||||||
- vendor: EFI
|
- vendor: EFI
|
||||||
product: ''
|
product: All
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
@ -182,7 +184,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:50+00:00'
|
last_updated: '2022-01-12T07:18:50+00:00'
|
||||||
- vendor: EGroupware
|
- vendor: EGroupware
|
||||||
product: ''
|
product: All
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
|
Loading…
Reference in a new issue