r3pek
/
log4j-affected-db
mirror of https://github.com/cisagov/log4j-affected-db
1
0
Fork 0
Code Releases Activity

Update sample table, change affected not affected

Browse Source
pull/2/head
justmurphy 2 years ago committed by GitHub
parent 36b5e6f200
commit 52fe5ebf13
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 4 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 19
      README.md

19
README.md
Unescape View File

@ -1,9 +1,20 @@
# CISA Log4j (CVE-2021-44228) Vulnerability Guidance
CISA will maintain a list of all known vulnerable and not vulnerable software for any related software regarding the Log4j vulnerability.
This repository provides CISA's guidance and an overview of related software regarding the Log4j vulnerability (CVE-2021-44228). CISA encourages users and administrators to review the [official Apache release](https://logging.apache.org/log4j/2.x/security.html) and upgrade to Log4j 2.15.0 or apply the recommended mitigations immediately.
</br>
</br>
**Official CISA Guidance & Resources:**
</br>
CISA Director Jen Easterly's Statement: [Statement from CISA Director Easterly on “Log4j” Vulnerability](https://www.cisa.gov/news/2021/12/11/statement-cisa-director-easterly-log4j-vulnerability).
</br> CISA Current Activity Alert: [Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/apache-releases-log4j-version-2150-address-critical-rce)
</br>
National Vulnerability Database (NVD) Information: [CVE-2021-4428](https://nvd.nist.gov/vuln/detail/CVE-2021-44228)
</br>
</br>
CISA will maintain a list of all known affected and not affected software regarding the Log4j vulnerability.
# Software List
| Vendor | Product | Version | Status | Notes | Links | Date Last Updated |
|:--------------|:----------------|:---------------:|:---------------:|:----------------|:------|-------------------:|
| Sample-Vendor | Product-A | 1.15.0, 1.14.0, 1.13.0 | Vulnerable | <Statement by vendor, vuln note, etc.>|[source](https://fakelink.com) | 12/11/2021|
| Vendor | Product | Version | Status | Patch Available | Mitigation Available | Vulnerability Notes | Related Links | Date Last Updated |
|:--------------|:----------------|:---------------:|:---------------:|:----------------|----------------------|:--------------------|---------------|-------------------:|
| Sample-Vendor | Product-A | 1.15.0, 1.14.0, 1.13.0 | Affected | Yes/No [Link]()| Yes/No [Link]() | <Statement by vendor, vuln note, etc.>|[Link Here]() | 12/11/2021|

Write Preview
Loading…
Cancel
Save