parent
36b5e6f200
commit
52fe5ebf13
@ -1,9 +1,20 @@ |
||||
# CISA Log4j (CVE-2021-44228) Vulnerability Guidance |
||||
|
||||
CISA will maintain a list of all known vulnerable and not vulnerable software for any related software regarding the Log4j vulnerability. |
||||
This repository provides CISA's guidance and an overview of related software regarding the Log4j vulnerability (CVE-2021-44228). CISA encourages users and administrators to review the [official Apache release](https://logging.apache.org/log4j/2.x/security.html) and upgrade to Log4j 2.15.0 or apply the recommended mitigations immediately. |
||||
</br> |
||||
</br> |
||||
**Official CISA Guidance & Resources:** |
||||
</br> |
||||
CISA Director Jen Easterly's Statement: [Statement from CISA Director Easterly on “Log4j” Vulnerability](https://www.cisa.gov/news/2021/12/11/statement-cisa-director-easterly-log4j-vulnerability). |
||||
</br> CISA Current Activity Alert: [Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/apache-releases-log4j-version-2150-address-critical-rce) |
||||
</br> |
||||
National Vulnerability Database (NVD) Information: [CVE-2021-4428](https://nvd.nist.gov/vuln/detail/CVE-2021-44228) |
||||
</br> |
||||
</br> |
||||
CISA will maintain a list of all known affected and not affected software regarding the Log4j vulnerability. |
||||
|
||||
# Software List |
||||
|
||||
| Vendor | Product | Version | Status | Notes | Links | Date Last Updated | |
||||
|:--------------|:----------------|:---------------:|:---------------:|:----------------|:------|-------------------:| |
||||
| Sample-Vendor | Product-A | 1.15.0, 1.14.0, 1.13.0 | Vulnerable | <Statement by vendor, vuln note, etc.>|[source](https://fakelink.com) | 12/11/2021| |
||||
| Vendor | Product | Version | Status | Patch Available | Mitigation Available | Vulnerability Notes | Related Links | Date Last Updated | |
||||
|:--------------|:----------------|:---------------:|:---------------:|:----------------|----------------------|:--------------------|---------------|-------------------:| |
||||
| Sample-Vendor | Product-A | 1.15.0, 1.14.0, 1.13.0 | Affected | Yes/No [Link]()| Yes/No [Link]() | <Statement by vendor, vuln note, etc.>|[Link Here]() | 12/11/2021| |
||||
|
Loading…
Reference in new issue